Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.9 views

CVE-2019-20215

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because HTTPST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker t...

10CVSS7.9AI score0.75105EPSS
Exploits6References1
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.75 views

DLink DIR-859 1.05 & 1.06B01 Multiple Vulnerabilities (RCE)

The version of DLink installed on the remote host is prior to 1.07b03. It is, therefore, affected by multiple remote code execution vulnerabilities as referenced in the vendor advisory. - The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an...

10CVSS9.8AI score0.89624EPSS
Exploits13References6
Check Point Advisories
Check Point Advisories
added 2020/05/21 12:0 a.m.30 views

D-Link DIR-859 Remote Code Execution (CVE-2019-20215)

A remote code execution vulnerability exists in D-Link DIR-859. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS6.1AI score0.75105EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/02/10 12:0 a.m.532 views

D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi', 'Description' = %q D-Link Devices Unauthenticated Remote Command Execution i...

10CVSS7.4AI score0.75105EPSS
Exploits6
0day.today
0day.today
added 2020/02/10 12:0 a.m.87 views

D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi', 'Description' = %q D-Link Devices Unauthenticated Remote Command Execution i...

10CVSS1.1AI score0.75105EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/02/07 12:0 a.m.162 views

D-Link ssdpcgi Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi', 'Description' = %q D-Link Devices Unauthenticated Remote Command Execution i...

10CVSS0.7AI score0.75105EPSS
Exploits6
Cvelist
Cvelist
added 2020/01/29 2:23 a.m.28 views

CVE-2019-20215

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because HTTPST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker t...

9.8AI score0.75105EPSS
Exploits6References3
CVE
CVE
added 2020/01/29 2:23 a.m.175 views

CVE-2019-20215

CVE-2019-20215 affects D-Link DIR-859 firmware 1.05 and 1.06B01 Beta01. It is a remote code execution vulnerability in the ssdpcgi() M-SEARCH handling, where the urn: service/device string is checked via strstr, enabling an attacker to append arbitrary shell commands. Related entries note additio...

10CVSS9.7AI score0.75105EPSS
Exploits6References3Affected Software1
Metasploit
Metasploit
added 2020/01/28 7:15 p.m.27 views

D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi

D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi',...

9.8CVSS7.7AI score0.75105EPSS
Exploits6
Circl
Circl
added 2018/05/29 3:50 p.m.30 views

CVE-2019-20215

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/upnp/dlinkupnpmsearchexec.rb 2020-02-05 19:28:22+00:00| seen|...

10CVSS8.6AI score0.75105EPSS
Exploits6References5
Rows per page
Query Builder