CVE-2019-11064

CVE-2019-11064: A vulnerability of remote credential disclosure was discovered in Advan VD-1

Vendor Androvideo

Product Advan VD-1 firmware

Weakness CWE-200 · Info exposure

Published August 29, 2019

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication.

Key dates

02Disclosure timeline

August 29, 2019 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-11064 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2026-41615 Microsoft Authenticator Information Disclosure Vulnerability CVE-2021-24164 Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure CVE-2019-12704 Cisco SPA100 Series Analog Telephone Adapters Web-Based Management Interface File Disclosure Vulnerability CVE-2026-47124 Nezha WebSocket server stream discloses cross-tenant server telemetry to authenticated members CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets