6 matches found
CVE-2019-17508
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable...
PT-2022-2086 · D Link · D-Link Dir-850L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-850 versions ET850-1.08TRb03 Description: The issue is related to insufficient access control in the router's firmware, which can be exploited by a remote attacker to redirect users to an arbitrary URL. This can potentially lead to...
CVE-2019-17508
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable...
Command injection
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable...
CVE-2019-17508
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable...
CVE-2019-17508
The CVE-2019-17508 entry covers command-injection on D-Link DIR-859 (A3-1.06) and DIR-850 (A1.13) devices via /etc/services/DEVICE.TIME.php, exploitable through the $SERVER variable. Multiple connected documents corroborate a remote-code-execution risk with high impact: CVSS v3.1 base score 9.8 (...