Vulnerability Details CVE-2014-8888
The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote attackers to execute arbitrary commands via vectors related to an "HTTP command injection issue."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.085
EPSS Ranking 91.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-815/REVB/DIR-815_REVB_FIRMWARE_PATCH_NOTES_2.03.B02_EN.PDF
- https://exchange.xforce.ibmcloud.com/vulnerabilities/110755
- ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-815/REVB/DIR-815_REVB_FIRMWARE_PATCH_NOTES_2.03.B02_EN.PDF
- https://exchange.xforce.ibmcloud.com/vulnerabilities/110755
Products affected by CVE-2014-8888
-
cpe:2.3:h:dlink:dir-815:-
-
cpe:2.3:o:dlink:dir-815_firmware:2.03.b02