Enhancement: cves/2019/CVE-2019-16920.yaml by mp
parent
8ec39595b4
commit
ccd2202cd9
|
@ -1,14 +1,13 @@
|
|||
id: CVE-2019-16920
|
||||
|
||||
info:
|
||||
name: Unauthenticated Multiple D-Link Routers RCE
|
||||
name: D-Link Routers - Remote Code Execution
|
||||
author: dwisiswant0
|
||||
severity: critical
|
||||
description: Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device
|
||||
common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are
|
||||
also affected; DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
|
||||
description: D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code execution vulnerability. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these issues also affected; DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
|
||||
reference:
|
||||
- https://github.com/pwnhacker0x18/CVE-2019-16920-MassPwn3r
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2019-16920
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
|
@ -54,3 +53,5 @@ requests:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# Enhanced by mp on 2022/05/16
|
||||
|
|
Loading…
Reference in New Issue