CVE-2019-16920

Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
dlinkdir-655_firmware
𝑥
≤ 3.02b05
dlinkdir-866l_firmware
𝑥
≤ 1.03b04
dlinkdir-652_firmware
-
dlinkdhp-1565_firmware
𝑥
≤ 1.01
dlinkdir-855l_firmware
-
dlinkdap-1533_firmware
-
dlinkdir-862l_firmware
-
dlinkdir-615_firmware
-
dlinkdir-835_firmware
-
dlinkdir-825_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://fortiguard.com/zeroday/FG-VD-19-117
https://medium.com/%4080vul/determine-the-device-model-affected-by-cve-2019-16920-by-zoomeye-bf6fec7f9bb3
https://www.kb.cert.org/vuls/id/766427
https://www.seebug.org/vuldb/ssvid-98079
https://fortiguard.com/zeroday/FG-VD-19-117
https://medium.com/%4080vul/determine-the-device-model-affected-by-cve-2019-16920-by-zoomeye-bf6fec7f9bb3
https://www.kb.cert.org/vuls/id/766427
https://www.seebug.org/vuldb/ssvid-98079