Dlink: >> Dwl-2600ap Firmware >> 4.2.0.15 Security Vulnerabilities
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter.
CVSS Score
7.8
EPSS Score
0.927
Published
2020-03-05
CVE-2019-20500
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.
Known exploited
CVSS Score
7.8
EPSS Score
0.937
Published
2020-03-05
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade firmwareRestore or firmwareServerip parameter.
CVSS Score
7.8
EPSS Score
0.273
Published
2020-03-05