⚠ Actively exploited
Added to CISA KEV on 2022-03-25. Federal agencies required to patch by 2022-04-15. Required action: The impacted product is end-of-life and should be disconnected if still in use.
CVE-2019-16920
Severity
9.8 CRITICAL
EPSS
94.3%
top 0.04%
CISA KEV
KEV
Added 2022-03-25
Due 2022-04-15
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
Published: Sep 27
KEV added: Mar 25
KEV due: Apr 15
Latest update: May 24
Description
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends arbitrary input to a "PingTest" device common gateway interface (CGI) that could lead to command injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9
Affected Packages: 3 packages
Exploits & PoCs: 3
Nuclei: 1
D-Link Routers - Remote Code Execution