CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17508

On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEVICE.TIME.php allows command injection via the $SERVER variable.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.21

EPSS Ranking 95.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2019-17508

Dlink » Dir-850l A » Version: N/A

cpe:2.3:h:dlink:dir-850l_a:-
Dlink » Dir-859 A3 » Version: N/A

cpe:2.3:h:dlink:dir-859_a3:-
Dlink » Dir-850l A Firmware » Version: 1.13

cpe:2.3:o:dlink:dir-850l_a_firmware:1.13
Dlink » Dir-859 A3 Firmware » Version: 1.06

cpe:2.3:o:dlink:dir-859_a3_firmware:1.06

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved