CVE-2019-20217

CWE-78OS Command Injection3 documents3 sources
Severity
9.8CRITICAL
EPSS
5.8%
top 9.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dlink Dir-859 Firmware
Timeline
PublishedJan 29
Latest updateMay 24

Description

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDdlink/dir-859_firmware1.05, 1.06b01+1

Patches

Patch: supportannouncement.us.dlink.comPatch: supportannouncement.us.dlink.com

🔴Vulnerability Details

2
GHSA
GHSA-rm3g-gj58-gg6q: D-Link DIR-859 12022-05-24
CVEList
CVE-2019-20217: D-Link DIR-859 12020-01-29
CVE-2019-20217 (CRITICAL CVSS 9.8) | D-Link DIR-859 1.05 and 1.06B01 Bet | cvebase.io