ID
VAR-E-201907-0037
CVE
| cve_id: | CVE-2019-13482 | Trust: 0.3 |
| cve_id: | CVE-2019-13481 | Trust: 0.3 |
sources:
BID: 109131
TITLE
D-Link DIR-818LW Multiple Command Injection Vulnerabilities
Trust: 0.3
sources:
BID: 109131
DESCRIPTION
D-Link DIR-818LW is prone to multiple command-injection vulnerabilities.
Exploiting these issues could allow an attacker to execute arbitrary commands in the context of the affected device. Failed exploit attempts will likely result in denial-of-service conditions.
D-Link DIR-818LW devices with firmware 2.06betab01 are vulnerable.
Trust: 0.3
sources:
BID: 109131
AFFECTED PRODUCTS
| vendor: | d link | model: | dir-818lw 2.06betab01 | scope: | - | version: | - | Trust: 0.3 |
sources:
BID: 109131
EXPLOIT
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Trust: 0.3
sources:
BID: 109131
PRICE
Free
Trust: 0.3
sources:
BID: 109131
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 109131
CREDITS
TeamSeri0us
Trust: 0.3
sources:
BID: 109131
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-13482 | Trust: 0.3 |
| db: | NVD | id: | CVE-2019-13481 | Trust: 0.3 |
| db: | BID | id: | 109131 | Trust: 0.3 |
sources:
BID: 109131
REFERENCES
| url: | http://www.dlink.com/ | Trust: 0.3 |
| url: | https://github.com/teamseri0us/pocs/blob/master/iot/dlink/dir818-3.pdf | Trust: 0.3 |
| url: | https://github.com/teamseri0us/pocs/blob/master/iot/dlink/dir818-4.pdf | Trust: 0.3 |
sources:
BID: 109131
SOURCES
| db: | BID | id: | 109131 |
LAST UPDATE DATE
2022-07-27T09:44:33.688000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 109131 | date: | 2019-07-10T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 109131 | date: | 2019-07-10T00:00:00 |