Dir 825 Rev B Firmware
CVE-2019-9122
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntp_server parameter in an ntp_sync.cgi POST request.
AnalysisAI
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntp_server parameter in an ntp_sync.cgi POST request. Affected products include: Dlink Dir-825 Rev.B Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Dir 825 Rev B Firmware
View allAn issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. Rated critical severity (CVSS 9.8), this vulnerability is
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. Rated high severity (CVSS 7.5), this vulnerability is remo
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today