CVE-2019-25249 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

devolo dLAN 500 AV Wireless+ 3.1.0-1 contains an authentication bypass vulnerability that allows attackers to enable hidden services through the htmlmgr CGI scr…
High CVSS: 8.7

CVE-2019-25249

devolo dLAN 500 AV Wireless+ 3.1.0-1 contains an authentication bypass vulnerability that allows attackers to enable hidden services through the htmlmgr CGI script. Attackers can enable telnet and remote shell services, reboot the device, and gain root access without a password by manipulating system configuration parameters.
Vendor
-
Product
-
CWE
CWE-266
Yayın Tarihi
2025-12-24 20:15:53
Güncelleme
2025-12-29 15:58:13
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-266 HIGH 2025

Referanslar

https://www.devolo.com https://www.exploit-db.com/exploits/46325 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5508.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5508.php