VAR-201905-1157
Vulnerability from variot - Updated: 2023-12-18 12:28In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the $path_inf_wan1."/web" internal configuration memory without any regex checking. And in the IPTWAN_build_command function of the iptwan.php source code, the data in $path_inf_wan1."/web" is used with the iptables command without any regex checking. A vulnerable /HNAP1/SetRouterSettings XML message could have shell metacharacters in the RemotePort element such as the telnetd string. DIR-818LW and DIR-822 The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-822 and so on are all wireless routers produced by Taiwan D-Link Company. There is an operating system command injection vulnerability in /HNAP1/SetAccessPointMode in several D-Link products. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands. The following products and versions are affected: D-Link DIR-822 Rev.B 202KRb06; DIR-822 Rev.C 3.10B06; DIR-860L Rev.B 2.03.B03; DIR-868L Rev.B 2.05B02; DIR-880L Rev.A 1.20B01_01_i3se_BETA, version; DIR-890L Rev.A 1.21B02_BETA version
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-1157",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-822",
"scope": "eq",
"trust": 1.0,
"vendor": "d link",
"version": "202krb06"
},
{
"model": "dir-818lw",
"scope": "eq",
"trust": 1.0,
"vendor": "d link",
"version": "2.05.b03"
},
{
"model": "dir-818l",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "2.05.b03"
},
{
"model": "dir-822",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "b1 202krb06"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"db": "NVD",
"id": "CVE-2018-19986"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dir-818lw_firmware:2.05.b03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dir-818lw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:d-link:dir-822_firmware:202krb06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19986"
}
]
},
"cve": "CVE-2018-19986",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-19986",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-130700",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-130701",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-130702",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-130703",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-130705",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-19986",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-19986",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-305",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-130700",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-130701",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-130702",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-130703",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-130705",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-19986",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130700"
},
{
"db": "VULHUB",
"id": "VHN-130701"
},
{
"db": "VULHUB",
"id": "VHN-130702"
},
{
"db": "VULHUB",
"id": "VHN-130703"
},
{
"db": "VULHUB",
"id": "VHN-130705"
},
{
"db": "VULMON",
"id": "CVE-2018-19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"db": "NVD",
"id": "CVE-2018-19986"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the vulnerability affects D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 devices. In the SetRouterSettings.php source code, the RemotePort parameter is saved in the $path_inf_wan1.\"/web\" internal configuration memory without any regex checking. And in the IPTWAN_build_command function of the iptwan.php source code, the data in $path_inf_wan1.\"/web\" is used with the iptables command without any regex checking. A vulnerable /HNAP1/SetRouterSettings XML message could have shell metacharacters in the RemotePort element such as the `telnetd` string. DIR-818LW and DIR-822 The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-822 and so on are all wireless routers produced by Taiwan D-Link Company. There is an operating system command injection vulnerability in /HNAP1/SetAccessPointMode in several D-Link products. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands. The following products and versions are affected: D-Link DIR-822 Rev.B 202KRb06; DIR-822 Rev.C 3.10B06; DIR-860L Rev.B 2.03.B03; DIR-868L Rev.B 2.05B02; DIR-880L Rev.A 1.20B01_01_i3se_BETA, version; DIR-890L Rev.A 1.21B02_BETA version",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"db": "VULHUB",
"id": "VHN-130700"
},
{
"db": "VULHUB",
"id": "VHN-130701"
},
{
"db": "VULHUB",
"id": "VHN-130702"
},
{
"db": "VULHUB",
"id": "VHN-130703"
},
{
"db": "VULHUB",
"id": "VHN-130705"
},
{
"db": "VULMON",
"id": "CVE-2018-19986"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-19986",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-305",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-130700",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201905-309",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-130701",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201905-307",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-130702",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201905-308",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-130703",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201905-313",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-130705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-19986",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130700"
},
{
"db": "VULHUB",
"id": "VHN-130701"
},
{
"db": "VULHUB",
"id": "VHN-130702"
},
{
"db": "VULHUB",
"id": "VHN-130703"
},
{
"db": "VULHUB",
"id": "VHN-130705"
},
{
"db": "VULMON",
"id": "CVE-2018-19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"db": "NVD",
"id": "CVE-2018-19986"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
]
},
"id": "VAR-201905-1157",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-130700"
},
{
"db": "VULHUB",
"id": "VHN-130701"
},
{
"db": "VULHUB",
"id": "VHN-130702"
},
{
"db": "VULHUB",
"id": "VHN-130703"
},
{
"db": "VULHUB",
"id": "VHN-130705"
}
],
"trust": 1.0833333
},
"last_update_date": "2023-12-18T12:28:15.089000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DIR-818LW",
"trust": 0.8,
"url": "https://support.dlink.com/productinfo.aspx?m=dir-818lw,"
},
{
"title": "DIR-822",
"trust": 0.8,
"url": "http://www.mydlink.co.kr/2013/beta_board/product_detail.php?no=205\u0026model=dir-822"
},
{
"title": "blogpost_cve-2018-19987-analysis",
"trust": 0.1,
"url": "https://github.com/nahueldsanchez/blogpost_cve-2018-19987-analysis "
},
{
"title": "dir2md",
"trust": 0.1,
"url": "https://github.com/xinroom/dir2md "
},
{
"title": "FirmAE",
"trust": 0.1,
"url": "https://github.com/pr0v3rbs/firmae "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/sinword/firmae_connlab "
},
{
"title": "SecBooks",
"trust": 0.1,
"url": "https://github.com/sexybeast233/secbooks "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.5
},
{
"problemtype": "CWE-77",
"trust": 1.3
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130700"
},
{
"db": "VULHUB",
"id": "VHN-130701"
},
{
"db": "VULHUB",
"id": "VHN-130702"
},
{
"db": "VULHUB",
"id": "VHN-130703"
},
{
"db": "VULHUB",
"id": "VHN-130705"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"db": "NVD",
"id": "CVE-2018-19986"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://github.com/pr0v3rbs/cve/tree/master/cve-2018-19986%20-%2019990"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19986"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19986"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://github.com/nahueldsanchez/blogpost_cve-2018-19987-analysis"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130700"
},
{
"db": "VULHUB",
"id": "VHN-130701"
},
{
"db": "VULHUB",
"id": "VHN-130702"
},
{
"db": "VULHUB",
"id": "VHN-130703"
},
{
"db": "VULHUB",
"id": "VHN-130705"
},
{
"db": "VULMON",
"id": "CVE-2018-19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"db": "NVD",
"id": "CVE-2018-19986"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-130700"
},
{
"db": "VULHUB",
"id": "VHN-130701"
},
{
"db": "VULHUB",
"id": "VHN-130702"
},
{
"db": "VULHUB",
"id": "VHN-130703"
},
{
"db": "VULHUB",
"id": "VHN-130705"
},
{
"db": "VULMON",
"id": "CVE-2018-19986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"db": "NVD",
"id": "CVE-2018-19986"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-130700"
},
{
"date": "2019-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-130701"
},
{
"date": "2019-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-130702"
},
{
"date": "2019-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-130703"
},
{
"date": "2019-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-130705"
},
{
"date": "2019-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19986"
},
{
"date": "2019-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"date": "2019-05-13T14:29:01.143000",
"db": "NVD",
"id": "CVE-2018-19986"
},
{
"date": "2019-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-130700"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-130701"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-130702"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-130703"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-130705"
},
{
"date": "2023-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2018-19986"
},
{
"date": "2019-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015436"
},
{
"date": "2023-04-26T18:55:30.893000",
"db": "NVD",
"id": "CVE-2018-19986"
},
{
"date": "2020-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DIR-818LW and DIR-822 Command injection vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015436"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-305"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…