Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-110597
HistorySep 27, 2019 - 12:00 a.m.

Multiple D-Link Products CVE-2019-16920 Remote Command Injection Vulnerability

2019-09-2700:00:00
Symantec Security Response
www.symantec.com
29
JSON

Description

Multiple D-Link products are prone to a command-injection vulnerability. Exploiting this issue could allow an attacker to execute arbitrary commands in the context of the affected device. Failed exploit attempts will likely result in denial-of-service conditions.

Technologies Affected

  • D-Link DAP-1533
  • D-Link DHP-1565
  • D-Link DIR-615
  • D-Link DIR-652
  • D-Link DIR-655
  • D-Link DIR-825
  • D-Link DIR-835
  • D-Link DIR-855L
  • D-Link DIR-862L
  • D-Link DIR-866L

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

Run all software as a nonprivileged user with minimal access rights.
Execute all software as a user with minimal privileges. Use additional precautions such as restrictive environments to insulate software that may potentially handle malicious content.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review its logs regularly.

Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Related

checkpoint_advisories 1
cisa 1
attackerkb 1
openvas 2
githubexploit 1
nuclei 1
cve 1
nessus 1
prion 1
cert 1
cisa_kev 1
threatpost 4
ics 2
checkpoint_advisories
checkpoint_advisories
D-Link Routers Remote Code Execution (CVE-2019-16920)
2022-04-19 00:00:00
cisa
cisa
EOL D-Link Routers Vulnerable to Remote Command Execution
2019-10-24 00:00:00
attackerkb
attackerkb
CVE-2019-16920
2019-09-27 00:00:00
openvas
openvas
D-Link Multiple DIR Devices RCE Vulnerability (Sep 2019)
2023-02-24 00:00:00
D-Link Multiple DAP/DHP Devices RCE Vulnerability (Sep 2019)
2023-02-24 00:00:00
githubexploit
githubexploit
Exploit for OS Command Injection in Dlink Dir-655 Firmware
2019-10-15 17:54:03
nuclei
nuclei
D-Link Routers - Remote Code Execution
2020-10-01 08:21:26
cve
cve
CVE-2019-16920
2019-09-27 12:15:00
nessus
nessus
D-Link Routers Unauthenticated RCE (CVE-2019-16920)
2022-11-03 00:00:00
prion
prion
Command injection
2019-09-27 12:15:00
cert
cert
Multiple D-Link routers vulnerable to remote command execution
2019-10-23 00:00:00
cisa_kev
cisa_kev
D-Link Multiple Routers Command Injection Vulnerability
2022-03-25 00:00:00
threatpost
threatpost
D-Link Adds More Buggy Router Models to ‘Won’t Fix’ List
2019-11-19 21:52:34
D-Link Home Routers Open to Remote Takeover Will Remain Unpatched
2019-10-07 18:16:31
D-Link, IoT Devices Under Attack By Tor-Based Gafgyt Variant
2021-03-05 15:55:41
ics
ics
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
2022-06-10 12:00:00
Potential for China Cyber Response to Heightened U.S.–China Tensions
2020-10-20 12:00:00
JSON
Related for SMNTC-110597
checkpoint_advisories1cisa1attackerkb1openvas2githubexploit1nuclei1cve1nessus1prion1cert1cisa_kev1threatpost4ics2