Russian Vulnerability Scanner Database

Back to List

BDU:2020-00558

Scores

EPSS

0.000none0.0%
0%20%40%60%80%100%

Percentile: 0.0%

CVSS

9.8critical3.x
0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x
9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Description

Уязвимость микропрограммного обеспечения маршрутизаторов D-Link DIR-818Lx, DIR-822, DIR-822, DIR-823, DIR-859, DIR-865L, DIR-868L, DIR-868L, DIR-869, DIR-880L, DIR-890L/R, DIR-885L/R, DIR-895L/R существует из-за непринятия мер по нейтрализации специальных элементов, используемых в команде операционной системы. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольные команды от имени пользователя root в целевой системе в результате некорректной обработкой SUBSCRIBE-запроса в файле /gena.cgi

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

bdu

Related Vulnerabilities

CVE-2019-17621

Exploits

Exploit ID: BDU:2020-00558

Source: bdu_exploit

URL: https://bdu.fstec.ru/vul

Reference Links

https://nvd.nist.gov/vuln/detail?vulnId=CVE-2019-17621
https://medium.com/
s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147
http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html

Recommendations

Source: bdu

Обновление программного обеспечения до более новой версии

URL: https://bdu.fstec.ru/vul/2020-00558

Vulnerable Software (13)

Type: Configuration

Vendor: d-link corp.

Product: dir-818lx

Operating System: * *

Trait: 
{  "version_end_including": "2.05b03_Beta08"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-822

Operating System: * *

Trait: 
{  "version_end_including": "3.12b04"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-822

Operating System: * *

Trait: 
{  "version_end_including": "2.03b01"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-823

Operating System: * *

Trait: 
{  "version_end_including": "1.00b06_Beta"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-859

Operating System: * *

Trait: 
{  "version_end_including": "1.06b01Beta01"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-865l

Operating System: * *

Trait: 
{  "version_end_including": "1.07b01"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-868l

Operating System: * *

Trait: 
{  "version_end_including": "1.12b04"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-868l

Operating System: * *

Trait: 
{  "version_end_including": "2.05b02"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-869

Operating System: * *

Trait: 
{  "version_end_including": "1.03b02Beta02"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-880l

Operating System: * *

Trait: 
{  "version_end_including": "1.08b04"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-885l r

Operating System: * *

Trait: 
{  "version_end_including": "1.12b05"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-890l r

Operating System: * *

Trait: 
{  "version_end_including": "1.11b01_Beta01"}

Source: bdu

Type: Configuration

Vendor: d-link corp.

Product: dir-895l r

Operating System: * *

Trait: 
{  "version_end_including": "1.12b10"}

Source: bdu

End of list