Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

The vulnerability of D-Link DIR-818Lx, DIR-822, DIR-823, DIR-859, DIR-865L, DIR-868L, DIR-869, DIR-880L, DIR-890L/R, DIR-885L/R, and DIR-895L/R routers stems from the failure to address the issue of eliminating special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands on behalf of the root user in the target system.

🗓️ 11 Feb 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec🔗 bdu.fstec.ru👁 2 Views

D-Link routers risk root command execution via unsafe elements in /gena.cgi SUBSCRIBE handling.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
0day.today		D-Link DIR-859 Unauthenticated Remote Command Execution Exploit
23 Jan 202000:00
zdt
Gitee		Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform
8 Dec 202020:38
gitee
Gitee		Exploit for OS Command Injection in Dlink Dir-859_Firmware
14 Nov 202221:16
gitee
Gitee		Exploit for OS Command Injection in Dlink Dir-859_Firmware
27 Sep 202114:59
gitee
GithubExploit		Exploit for OS Command Injection in Dlink Dir-859_Firmware
20 Jul 202209:39
githubexploit
ATTACKERKB		CVE-2019-17621
28 Mar 201900:00
attackerkb
Circl		CVE-2019-17621
21 Jan 202013:41
circl
CISA KEV Catalog		D-Link DIR-859 Router Command Execution Vulnerability
29 Jun 202300:00
cisa_kev
CISA		 CISA Adds Eight Known Exploited Vulnerabilities to Catalog
29 Jun 202312:00
cisa
CNVD		Command Execution Vulnerability in DLINKDIR-859 Series Routers
31 Dec 201900:00
cnvd
Rows per page
Vulners
Node
d-linkdir-818lxRange2.05b03_beta08
OR
d-linkdir-822Range2.03b01
OR
d-linkdir-822Range3.12b04
OR
d-linkdir-823Range1.00b06_beta
OR
d-linkdir-859Range1.06b01beta01
OR
d-linkdir-865lRange1.07b01
OR
d-linkdir-868lRange1.12b04
OR
d-linkdir-868lRange2.05b02
OR
d-linkdir-880lRange1.08b04
OR
d-linkdir-890l_rRange1.11b01_beta01
OR
d-linkdir-885l_rRange1.12b05
OR
d-linkdir-895l_rRange1.12b10
OR
d-linkdir-869Range1.03b02beta02

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 Feb 2025 00:00Current
8.4High risk
Vulners AI Score8.4
CVSS 39.8
CVSS 210
EPSS0.89624
D-Link routersroot command executiongena.cgisubscribe handlingunsafe elements
2