Skip to main content

Dir 850L A Firmware

1 CVEs product

Monthly

CVE-2019-17508 CRITICAL POC THREAT Emergency

On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection Dir 859 A3 Firmware Dir 850L A Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
15.8%
EPSS 16% CVSS 9.8
CRITICAL POC THREAT Emergency

On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link PHP Command Injection +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy