Information Disclosure Vulnerability in D-Link Wireless Access Points
CVE-2019-14336

5.5MEDIUM

Key Information:

Vendor: D-Link
Status: 6600-ap Firmware
Vendor: CVE Published:; 1 August 2019

What is CVE-2019-14336?

A security flaw in D-Link 6600-AP and DWL-3600AP devices allows post-authenticated users to dump all configuration files by sending an insecure HTTP request to a specific admin CGI endpoint. This issue poses significant risks, as it can expose sensitive settings and operational configurations, potentially enabling attackers to exploit other vulnerabilities or gain unauthorized access.