Vulnerability Details CVE-2019-17621
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.925
EPSS Ranking 99.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
Ransomware Campaign
Unknown
References
- http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html
- https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104
- https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147
- https://www.dlink.com/en/security-bulletin
- https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf
- http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html
- https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104
- https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146
- https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147
- https://www.dlink.com/en/security-bulletin
- https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf
Products affected by CVE-2019-17621
-
cpe:2.3:h:dlink:dir-818lx:-
-
cpe:2.3:h:dlink:dir-822:-
-
cpe:2.3:h:dlink:dir-823:-
-
cpe:2.3:h:dlink:dir-859:-
-
cpe:2.3:h:dlink:dir-865l:-
-
cpe:2.3:h:dlink:dir-868l:-
-
cpe:2.3:h:dlink:dir-869:-
-
cpe:2.3:h:dlink:dir-880l:-
-
cpe:2.3:h:dlink:dir-885l:-
-
cpe:2.3:h:dlink:dir-885r:-
-
cpe:2.3:h:dlink:dir-890l:-
-
cpe:2.3:h:dlink:dir-890r:-
-
cpe:2.3:h:dlink:dir-895l:-
-
cpe:2.3:h:dlink:dir-895r:-
-
cpe:2.3:o:dlink:dir-818lx_firmware:-
-
cpe:2.3:o:dlink:dir-822_firmware:-
-
cpe:2.3:o:dlink:dir-822_firmware:1.0.2
-
cpe:2.3:o:dlink:dir-822_firmware:2.00krb06
-
cpe:2.3:o:dlink:dir-822_firmware:2.02krb01
-
cpe:2.3:o:dlink:dir-822_firmware:2.02krb05
-
cpe:2.3:o:dlink:dir-822_firmware:2.02krb06
-
cpe:2.3:o:dlink:dir-822_firmware:2.03b01
-
cpe:2.3:o:dlink:dir-822_firmware:3.01
-
cpe:2.3:o:dlink:dir-822_firmware:3.10b06
-
cpe:2.3:o:dlink:dir-822_firmware:3.12b04
-
cpe:2.3:o:dlink:dir-823_firmware:-
-
cpe:2.3:o:dlink:dir-823_firmware:1.00
-
cpe:2.3:o:dlink:dir-823_firmware:1.00b06
-
cpe:2.3:o:dlink:dir-859_firmware:1.03.b04
-
cpe:2.3:o:dlink:dir-859_firmware:1.05
-
cpe:2.3:o:dlink:dir-859_firmware:1.05b03
-
cpe:2.3:o:dlink:dir-859_firmware:1.06b01
-
cpe:2.3:o:dlink:dir-865l_firmware:-
-
cpe:2.3:o:dlink:dir-865l_firmware:1.07b01
-
cpe:2.3:o:dlink:dir-868l_firmware:-
-
cpe:2.3:o:dlink:dir-868l_firmware:1.10
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12_eu_multi_20170316
-
cpe:2.3:o:dlink:dir-868l_firmware:1.12b04
-
cpe:2.3:o:dlink:dir-868l_firmware:2.00
-
cpe:2.3:o:dlink:dir-868l_firmware:2.01
-
cpe:2.3:o:dlink:dir-868l_firmware:2.03
-
cpe:2.3:o:dlink:dir-868l_firmware:2.05b02
-
cpe:2.3:o:dlink:dir-869_firmware:-
-
cpe:2.3:o:dlink:dir-869_firmware:1.03b02
-
cpe:2.3:o:dlink:dir-880l_firmware:-
-
cpe:2.3:o:dlink:dir-880l_firmware:1.07
-
cpe:2.3:o:dlink:dir-880l_firmware:1.07.b08
-
cpe:2.3:o:dlink:dir-880l_firmware:1.08b04
-
cpe:2.3:o:dlink:dir-885l_firmware:-
-
cpe:2.3:o:dlink:dir-885l_firmware:1.02
-
cpe:2.3:o:dlink:dir-885l_firmware:1.11
-
cpe:2.3:o:dlink:dir-885l_firmware:1.12b05
-
cpe:2.3:o:dlink:dir-885r_firmware:-
-
cpe:2.3:o:dlink:dir-885r_firmware:1.12b05
-
cpe:2.3:o:dlink:dir-890l_firmware:-
-
cpe:2.3:o:dlink:dir-890l_firmware:1.05
-
cpe:2.3:o:dlink:dir-890l_firmware:1.07b09
-
cpe:2.3:o:dlink:dir-890l_firmware:1.09
-
cpe:2.3:o:dlink:dir-890l_firmware:1.11b01
-
cpe:2.3:o:dlink:dir-890r_firmware:-
-
cpe:2.3:o:dlink:dir-890r_firmware:1.11b01
-
cpe:2.3:o:dlink:dir-895l_firmware:-
-
cpe:2.3:o:dlink:dir-895l_firmware:1.02
-
cpe:2.3:o:dlink:dir-895l_firmware:1.11
-
cpe:2.3:o:dlink:dir-895l_firmware:1.12
-
cpe:2.3:o:dlink:dir-895l_firmware:1.12b10
-
cpe:2.3:o:dlink:dir-895r_firmware:-
-
cpe:2.3:o:dlink:dir-895r_firmware:1.12b10