Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:57 a.m.7 views

CVE-2019-20216

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because REMOTEPORT is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an...

10CVSS8.1AI score0.03673EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.75 views

DLink DIR-859 1.05 & 1.06B01 Multiple Vulnerabilities (RCE)

The version of DLink installed on the remote host is prior to 1.07b03. It is, therefore, affected by multiple remote code execution vulnerabilities as referenced in the vendor advisory. - The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an...

10CVSS9.8AI score0.89624EPSS
Exploits13References6
NVD
NVD
added 2020/01/29 3:15 a.m.23 views

CVE-2019-20216

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because REMOTEPORT is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an...

10CVSS9.9AI score0.03673EPSS
Exploits0References3
CVE
CVE
added 2020/01/29 2:28 a.m.106 views

CVE-2019-20216

CVE-2019-20216 affects D-Link DIR-859 routers (versions 1.05 and 1.06B01 Beta01). The flaw resides in ssdpcgi() handling of M-SEARCH requests and is triggered by the urn: to the M-SEARCH path, with REMOTE_PORT mishandled. The urn: service/device value is checked with strstr, enabling an attacker ...

10CVSS9.8AI score0.03673EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder