CVE-2018-19989 — OS Command Injection in D-link Dir-822 Firmware

CWE-78 — OS Command Injection3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

32.8%

top 3.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

D-link Dir-822 Firmware Dlink Dir-822 Firmware

Timeline

PublishedMay 13

Latest updateMay 24

Description

In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth internal configuration memory without any regex checking. And in the bwc_tc_spq_start, bwc_tc_wfq_start, and bwc_tc_adb_start functions of the bwcsvcs.php source code, the data in /bwc/entry:1/bandwidth an…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDdlink/dir-822_firmware3.10b06

▶NVDd-link/dir-822_firmware202krb06

🔴Vulnerability Details

GHSA

GHSA-62vf-2f7p-wwr4: In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev↗2022-05-24

▶

CVEList

CVE-2018-19989: In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev↗2019-05-13

▶