Vulnerabilites related to dlink - dir-818lx_firmware
Vulnerability from fkie_nvd
Published
2019-12-30 17:15
Modified
2025-02-04 21:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-859_firmware | * | |
| dlink | dir-859_firmware | 1.06b01 | |
| dlink | dir-859 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-823_firmware | * | |
| dlink | dir-823_firmware | 1.00b06 | |
| dlink | dir-823 | - | |
| dlink | dir-865l_firmware | * | |
| dlink | dir-865l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-869_firmware | * | |
| dlink | dir-869_firmware | 1.03b02 | |
| dlink | dir-869 | - | |
| dlink | dir-880l_firmware | * | |
| dlink | dir-880l | - | |
| dlink | dir-890l_firmware | * | |
| dlink | dir-890l_firmware | 1.11b01 | |
| dlink | dir-890l | - | |
| dlink | dir-890r_firmware | * | |
| dlink | dir-890r_firmware | 1.11b01 | |
| dlink | dir-890r | - | |
| dlink | dir-885l_firmware | * | |
| dlink | dir-885l | - | |
| dlink | dir-885r_firmware | * | |
| dlink | dir-885r | - | |
| dlink | dir-895l_firmware | * | |
| dlink | dir-895l | - | |
| dlink | dir-895r_firmware | * | |
| dlink | dir-895r | - | |
| dlink | dir-818lx_firmware | - | |
| dlink | dir-818lx | - |
{ cisaActionDue: "2023-07-20", cisaExploitAdd: "2023-06-29", cisaRequiredAction: "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", cisaVulnerabilityName: "D-Link DIR-859 Router Command Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-859_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C2ABCF49-625F-4267-8B6D-14081B31E8B0", versionEndIncluding: "1.05b03", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-859_firmware:1.06b01:beta1:*:*:*:*:*:*", matchCriteriaId: "BB555A1A-6B26-483E-ABFC-B64B928E7CC5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-859:-:*:*:*:*:*:*:*", matchCriteriaId: "D1DEEF5B-D8E9-45F3-8A89-52CE8402E6F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F8E6CDA-679A-4A31-8D8D-BD283C5E1E3E", versionEndIncluding: "2.03b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*", matchCriteriaId: "B3894F0E-37F8-4A89-87AC-1DB524D4AE04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "46B25758-8EC2-4598-A834-9D513B030629", versionEndIncluding: "3.12b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*", matchCriteriaId: "B3894F0E-37F8-4A89-87AC-1DB524D4AE04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-823_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99D9046B-206E-4267-98BA-BF572682F134", versionEndIncluding: "1.00b06", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-823_firmware:1.00b06:beta:*:*:*:*:*:*", matchCriteriaId: "5A56D2BD-5160-46FE-8AC7-CB4CA50E4D5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-823:-:*:*:*:*:*:*:*", matchCriteriaId: "EC426833-BEA7-4029-BBBB-94688EE801BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4406996E-761D-4EDC-9877-17B7472C1422", versionEndIncluding: "1.07b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", matchCriteriaId: "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F9D90548-24FD-416F-9159-6F7AB318C923", versionEndIncluding: "1.12b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B0CA3A5-CF3D-4D1B-BB07-EE0D91901BC9", versionEndIncluding: "2.05b02", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-869_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "499E8ADA-B4ED-42B2-B237-716A77BD546A", versionEndIncluding: "1.03b02", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-869_firmware:1.03b02:beta02:*:*:*:*:*:*", matchCriteriaId: "AF693676-C580-44CF-AAC6-6E38658FEAFB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-869:-:*:*:*:*:*:*:*", matchCriteriaId: "E9EB6E8E-03FA-4477-B97A-0752B7C443F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE7C571B-BCCB-4853-A08E-2EF9A64C94CD", versionEndIncluding: "1.08b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*", matchCriteriaId: "CC772491-6371-4712-B358-E74D9C5062FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-890l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50FCDBDC-32F8-42DF-BD3C-A9EFC11D036C", versionEndIncluding: "1.11b01", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-890l_firmware:1.11b01:beta01:*:*:*:*:*:*", matchCriteriaId: "7A4A1A68-5B14-47B7-9D02-274A0E4AF2F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*", matchCriteriaId: "B1EA89C7-4655-43A3-9D2B-D57640D56C09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-890r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DA0BEAAD-6330-47FE-A8F6-665C3F346619", versionEndIncluding: "1.11b01", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-890r_firmware:1.11b01:beta01:*:*:*:*:*:*", matchCriteriaId: "4C18C9D9-9418-441B-9367-91F86137245C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-890r:-:*:*:*:*:*:*:*", matchCriteriaId: "D678E889-3D74-4D16-84D0-41F547519A7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-885l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D9C475-FB79-4D18-823C-0A3F01CB478E", versionEndIncluding: "1.12b05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-885l:-:*:*:*:*:*:*:*", matchCriteriaId: "AD481B64-A25D-4123-B575-20EC3C524D9C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-885r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0261FBA8-D370-4581-B4AE-E8DBF4546C50", versionEndIncluding: "1.12b05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-885r:-:*:*:*:*:*:*:*", matchCriteriaId: "8E0351A1-D161-468E-A2C4-1FB92E978DA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-895l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CBB7A220-2C3E-45B4-BA2E-D6C595B391D7", versionEndIncluding: "1.12b10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-895l:-:*:*:*:*:*:*:*", matchCriteriaId: "0B9EBC5D-43DE-4B26-8272-5A9AD2ECE2E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-895r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E4B2469-DDAB-4FD1-A446-B304AAF78BB3", versionEndIncluding: "1.12b10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-895r:-:*:*:*:*:*:*:*", matchCriteriaId: "DF2DADDD-2F1C-458D-B3F5-07EE0FE35E92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-818lx_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "072F053E-4DAB-4246-BEE7-F4813957BF56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-818lx:-:*:*:*:*:*:*:*", matchCriteriaId: "1B6E718C-2E2A-4E9B-A83D-25C01F681301", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.", }, { lang: "es", value: "La URL de /gena.cgi del endpoint UPnP en el router Wi-Fi D-Link DIR-859 versiones 1.05 y 1.06B01 Beta01, permite a un atacante remoto no autenticado ejecutar comandos del sistema como root, mediante el envío de una petición HTTP SUBSCRIBE especialmente diseñada en el servicio UPnP cuando se conecta a la red local.", }, ], id: "CVE-2019-17621", lastModified: "2025-02-04T21:15:18.170", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2019-12-30T17:15:19.857", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.dlink.com/en/security-bulletin", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.dlink.com/en/security-bulletin", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-01-02 14:16
Modified
2024-11-21 04:38
Severity ?
Summary
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-859_firmware | * | |
| dlink | dir-859_firmware | 1.06b01 | |
| dlink | dir-859 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-822_firmware | * | |
| dlink | dir-822 | - | |
| dlink | dir-823_firmware | * | |
| dlink | dir-823 | - | |
| dlink | dir-865l_firmware | * | |
| dlink | dir-865l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-868l_firmware | * | |
| dlink | dir-868l | - | |
| dlink | dir-869_firmware | * | |
| dlink | dir-869 | - | |
| dlink | dir-880l_firmware | * | |
| dlink | dir-880l | - | |
| dlink | dir-890l_firmware | * | |
| dlink | dir-890l | - | |
| dlink | dir-890r_firmware | * | |
| dlink | dir-890r | - | |
| dlink | dir-885l_firmware | * | |
| dlink | dir-885l | - | |
| dlink | dir-885r_firmware | * | |
| dlink | dir-885r | - | |
| dlink | dir-895l_firmware | * | |
| dlink | dir-895l | - | |
| dlink | dir-895r_firmware | * | |
| dlink | dir-895r | - | |
| dlink | dir-818lx_firmware | - | |
| dlink | dir-818lx | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-859_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C2ABCF49-625F-4267-8B6D-14081B31E8B0", versionEndIncluding: "1.05b03", vulnerable: true, }, { criteria: "cpe:2.3:o:dlink:dir-859_firmware:1.06b01:beta1:*:*:*:*:*:*", matchCriteriaId: "BB555A1A-6B26-483E-ABFC-B64B928E7CC5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-859:-:*:*:*:*:*:*:*", matchCriteriaId: "D1DEEF5B-D8E9-45F3-8A89-52CE8402E6F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F8E6CDA-679A-4A31-8D8D-BD283C5E1E3E", versionEndIncluding: "2.03b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*", matchCriteriaId: "B3894F0E-37F8-4A89-87AC-1DB524D4AE04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "46B25758-8EC2-4598-A834-9D513B030629", versionEndIncluding: "3.12b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*", matchCriteriaId: "B3894F0E-37F8-4A89-87AC-1DB524D4AE04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-823_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99D9046B-206E-4267-98BA-BF572682F134", versionEndIncluding: "1.00b06", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-823:-:*:*:*:*:*:*:*", matchCriteriaId: "EC426833-BEA7-4029-BBBB-94688EE801BC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-865l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4406996E-761D-4EDC-9877-17B7472C1422", versionEndIncluding: "1.07b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-865l:-:*:*:*:*:*:*:*", matchCriteriaId: "F3A853DF-6DF1-4E8E-8D55-95279EE0CB30", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F9D90548-24FD-416F-9159-6F7AB318C923", versionEndIncluding: "1.12b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-868l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0B0CA3A5-CF3D-4D1B-BB07-EE0D91901BC9", versionEndIncluding: "2.05b02", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-868l:-:*:*:*:*:*:*:*", matchCriteriaId: "33B501D4-BDDD-485E-A5A3-8AA8D5E46061", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-869_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "499E8ADA-B4ED-42B2-B237-716A77BD546A", versionEndIncluding: "1.03b02", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-869:-:*:*:*:*:*:*:*", matchCriteriaId: "E9EB6E8E-03FA-4477-B97A-0752B7C443F0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-880l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE7C571B-BCCB-4853-A08E-2EF9A64C94CD", versionEndIncluding: "1.08b04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-880l:-:*:*:*:*:*:*:*", matchCriteriaId: "CC772491-6371-4712-B358-E74D9C5062FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-890l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50FCDBDC-32F8-42DF-BD3C-A9EFC11D036C", versionEndIncluding: "1.11b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-890l:-:*:*:*:*:*:*:*", matchCriteriaId: "B1EA89C7-4655-43A3-9D2B-D57640D56C09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-890r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DA0BEAAD-6330-47FE-A8F6-665C3F346619", versionEndIncluding: "1.11b01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-890r:-:*:*:*:*:*:*:*", matchCriteriaId: "D678E889-3D74-4D16-84D0-41F547519A7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-885l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48D9C475-FB79-4D18-823C-0A3F01CB478E", versionEndIncluding: "1.12b05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-885l:-:*:*:*:*:*:*:*", matchCriteriaId: "AD481B64-A25D-4123-B575-20EC3C524D9C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-885r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0261FBA8-D370-4581-B4AE-E8DBF4546C50", versionEndIncluding: "1.12b05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-885r:-:*:*:*:*:*:*:*", matchCriteriaId: "8E0351A1-D161-468E-A2C4-1FB92E978DA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-895l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CBB7A220-2C3E-45B4-BA2E-D6C595B391D7", versionEndIncluding: "1.12b10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-895l:-:*:*:*:*:*:*:*", matchCriteriaId: "0B9EBC5D-43DE-4B26-8272-5A9AD2ECE2E2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-895r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E4B2469-DDAB-4FD1-A446-B304AAF78BB3", versionEndIncluding: "1.12b10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-895r:-:*:*:*:*:*:*:*", matchCriteriaId: "DF2DADDD-2F1C-458D-B3F5-07EE0FE35E92", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:dlink:dir-818lx_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "072F053E-4DAB-4246-BEE7-F4813957BF56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:dlink:dir-818lx:-:*:*:*:*:*:*:*", matchCriteriaId: "1B6E718C-2E2A-4E9B-A83D-25C01F681301", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.", }, { lang: "es", value: "Los routers D-Link DIR-859 versiones anteriores a la versión v1.07b03_beta, permiten una divulgación de información no autenticada por medio del valor AUTHORIZED_GROUP=1%0a, como es demostrado por el archivo vpnconfig.php.", }, ], id: "CVE-2019-20213", lastModified: "2024-11-21T04:38:13.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-02T14:16:36.533", references: [ { source: "cve@mitre.org", url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f", }, { source: "cve@mitre.org", url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2019-20213
Vulnerability from cvelistv5
Published
2020-01-02 01:03
Modified
2024-08-05 02:39
Severity ?
EPSS score ?
Summary
D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:39:09.121Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-02T01:03:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f", }, { tags: [ "x_refsource_MISC", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03", }, { tags: [ "x_refsource_MISC", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { tags: [ "x_refsource_MISC", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-20213", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUTHORIZED_GROUP=1%0a value, as demonstrated by vpnconfig.php.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f", refsource: "MISC", url: "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-en-faf1a9a13f3f", }, { name: "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03", refsource: "MISC", url: "https://medium.com/@s1kr10s/d-link-dir-859-unauthenticated-information-disclosure-es-6540f7f55b03", }, { name: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", refsource: "MISC", url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { name: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", refsource: "MISC", url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-20213", datePublished: "2020-01-02T01:03:16", dateReserved: "2020-01-02T00:00:00", dateUpdated: "2024-08-05T02:39:09.121Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17621
Vulnerability from cvelistv5
Published
2019-12-30 16:09
Modified
2025-02-04 20:34
Severity ?
EPSS score ?
Summary
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:47:13.504Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.dlink.com/en/security-bulletin", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2019-17621", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T20:33:59.746115Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-06-29", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2019-17621", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T20:34:06.306Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-22T18:06:22.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.dlink.com/en/security-bulletin", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, { tags: [ "x_refsource_MISC", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104", }, { tags: [ "x_refsource_MISC", ], url: "https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17621", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf", refsource: "MISC", url: "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf", }, { name: "https://www.dlink.com/en/security-bulletin", refsource: "MISC", url: "https://www.dlink.com/en/security-bulletin", }, { name: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", refsource: "CONFIRM", url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147", }, { name: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", refsource: "CONFIRM", url: "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146", }, { name: "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104", refsource: "MISC", url: "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104", }, { name: "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", refsource: "MISC", url: "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", }, { name: "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17621", datePublished: "2019-12-30T16:09:17.000Z", dateReserved: "2019-10-16T00:00:00.000Z", dateUpdated: "2025-02-04T20:34:06.306Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }