CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12786

An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.028

EPSS Ranking 85.6%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-protected.pdf
https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-protected.pdf

Products affected by CVE-2019-12786

Dlink » Dir-818lw » Version: N/A

cpe:2.3:h:dlink:dir-818lw:-
Dlink » Dir-818lw Firmware » Version: 2.05.b03

cpe:2.3:o:dlink:dir-818lw_firmware:2.05.b03
Dlink » Dir-818lw Firmware » Version: 2.06b01

cpe:2.3:o:dlink:dir-818lw_firmware:2.06b01

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12786

Products

Pricing

Contact Us