Lucene search
+L

7 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-10770

Malware in sbrugna...

10CVSS9.2AI score0.03673EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-10771

Malware in sbrugna...

10CVSS9.2AI score0.03673EPSS
Exploits0References6
cnvd
cnvd
added 2020/02/04 12:0 a.m.2 views

D-Link DIR-859 ssdpcgi() M-SEARCH arbitrary command execution vulnerability (CNVD-2020-13689)

The D-Link DIR-859 is a router device. A security vulnerability exists in the D-Link DIR-859 ssdpcgi M-SEARCH method handling, which can be exploited by remote attackers to submit a special request to execute arbitrary commands...

10CVSS9.3AI score0.75105EPSS
Exploits6References1
nvd
nvd
added 2020/01/29 3:15 a.m.26 views

CVE-2019-20217

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because SERVERID is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attack...

10CVSS9.9AI score0.03558EPSS
Exploits0References3
osv
osv
added 2020/01/29 3:15 a.m.5 views

CVE-2019-20216

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because REMOTEPORT is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an...

9.8CVSS6AI score0.03673EPSS
Exploits0References3
prion
prion
added 2020/01/29 3:15 a.m.22 views

Design/Logic Flaw

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because SERVERID is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attack...

10CVSS9.8AI score0.03673EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2020/01/29 2:23 a.m.28 views

CVE-2019-20215

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because HTTPST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker t...

9.8AI score0.75105EPSS
Exploits6References3
Rows per page
Query Builder