CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-14337

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.5%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html
https://us.dlink.com/en/security-advisory
https://www.dlink.com/en/security-bulletin
http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html
https://us.dlink.com/en/security-advisory
https://www.dlink.com/en/security-bulletin

Products affected by CVE-2019-14337

Dlink » 6600-Ap » Version: N/A

cpe:2.3:h:dlink:6600-ap:-
Dlink » Dwl-3600ap » Version: N/A

cpe:2.3:h:dlink:dwl-3600ap:-
Dlink » 6600-Ap Firmware » Version: 4.2.0.14

cpe:2.3:o:dlink:6600-ap_firmware:4.2.0.14
Dlink » Dwl-3600ap Firmware » Version: 4.2.0.14

cpe:2.3:o:dlink:dwl-3600ap_firmware:4.2.0.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-14337

Products

Pricing

Contact Us