4 matches found
CVE-2019-17508
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable...
CVE-2019-17508
On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable...
CVE-2019-17508
The CVE-2019-17508 entry covers command-injection on D-Link DIR-859 (A3-1.06) and DIR-850 (A1.13) devices via /etc/services/DEVICE.TIME.php, exploitable through the $SERVER variable. Multiple connected documents corroborate a remote-code-execution risk with high impact: CVSS v3.1 base score 9.8 (...
CVE-2019-17508
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dlinkdir850lunauthexec.rb 2025-10-23 21:12:58+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...