CVE-2019-20499
published 2020-03-05CVE-2019-20499: D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dlink | dwl-2600ap_firmware | <= 4.2.0.15 | — |