Vulnerability Details CVE-2018-19300
On D-Link DAP-1530 (A1) before firmware version 1.06b01, DAP-1610 (A1) before firmware version 1.06b01, DWR-111 (A1) before firmware version 1.02v02, DWR-116 (A1) before firmware version 1.06b03, DWR-512 (B1) before firmware version 2.02b01, DWR-711 (A1) through firmware version 1.11, DWR-712 (B1) before firmware version 2.04b01, DWR-921 (A1) before firmware version 1.02b01, and DWR-921 (B1) before firmware version 2.03b01, there exists an EXCU_SHELL file in the web directory. By sending a GET request with specially crafted headers to the /EXCU_SHELL URI, an attacker could execute arbitrary shell commands in the root context on the affected device. Other devices might be affected as well.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.302
EPSS Ranking 96.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://community.greenbone.net/t/cve-2018-19300-remote-command-execution-vulnerability-in-d-link-dwr-and-dap-routers/1772
- https://eu.dlink.com/de/de/support/support-news/2019/march/19/remote-command-execution-vulnerability-in-d-link-dwr-and-dap-routers
- https://www.greenbone.net/en/serious-vulnerability-discovered-in-d-link-routers/
- https://www.greenbone.net/schwerwiegende-sicherheitsluecke-in-d-link-routern-entdeckt/
- https://community.greenbone.net/t/cve-2018-19300-remote-command-execution-vulnerability-in-d-link-dwr-and-dap-routers/1772
- https://eu.dlink.com/de/de/support/support-news/2019/march/19/remote-command-execution-vulnerability-in-d-link-dwr-and-dap-routers
- https://www.greenbone.net/en/serious-vulnerability-discovered-in-d-link-routers/
- https://www.greenbone.net/schwerwiegende-sicherheitsluecke-in-d-link-routern-entdeckt/
Products affected by CVE-2018-19300
-
cpe:2.3:h:dlink:dap-1530:-
-
cpe:2.3:h:dlink:dap-1610:-
-
cpe:2.3:h:dlink:dwr-111:-
-
cpe:2.3:h:dlink:dwr-116:-
-
cpe:2.3:h:dlink:dwr-512:-
-
cpe:2.3:h:dlink:dwr-711:-
-
cpe:2.3:h:dlink:dwr-712:-
-
cpe:2.3:h:dlink:dwr-921:-
-
cpe:2.3:o:d-link:dap-1530_firmware:*
-
cpe:2.3:o:d-link:dap-1610_firmware:*
-
cpe:2.3:o:d-link:dwr-116_firmware:1.06
-
cpe:2.3:o:d-link:dwr-711_firmware:*
-
cpe:2.3:o:dlink:dwr-111_firmware:1.00
-
cpe:2.3:o:dlink:dwr-111_firmware:1.01
-
cpe:2.3:o:dlink:dwr-116_firmware:1.00
-
cpe:2.3:o:dlink:dwr-116_firmware:1.01
-
cpe:2.3:o:dlink:dwr-116_firmware:1.02
-
cpe:2.3:o:dlink:dwr-116_firmware:1.03
-
cpe:2.3:o:dlink:dwr-116_firmware:1.04
-
cpe:2.3:o:dlink:dwr-116_firmware:1.05
-
cpe:2.3:o:dlink:dwr-512_firmware:1.01
-
cpe:2.3:o:dlink:dwr-512_firmware:1.03
-
cpe:2.3:o:dlink:dwr-512_firmware:1.05
-
cpe:2.3:o:dlink:dwr-512_firmware:2.00
-
cpe:2.3:o:dlink:dwr-512_firmware:2.01
-
cpe:2.3:o:dlink:dwr-512_firmware:2.02
-
cpe:2.3:o:dlink:dwr-712_firmware:2.00
-
cpe:2.3:o:dlink:dwr-712_firmware:2.01
-
cpe:2.3:o:dlink:dwr-712_firmware:2.02
-
cpe:2.3:o:dlink:dwr-921_firmware:-
-
cpe:2.3:o:dlink:dwr-921_firmware:1.00
-
cpe:2.3:o:dlink:dwr-921_firmware:1.01
-
cpe:2.3:o:dlink:dwr-921_firmware:1.02
-
cpe:2.3:o:dlink:dwr-921_firmware:1.03
-
cpe:2.3:o:dlink:dwr-921_firmware:1.05
-
cpe:2.3:o:dlink:dwr-921_firmware:2.00
-
cpe:2.3:o:dlink:dwr-921_firmware:2.01
-
cpe:2.3:o:dlink:dwr-921_firmware:2.02