Sign-up

ID

VAR-201905-1158


CVE

CVE-2018-19987


TITLE

plural D-Link Command injection vulnerability in product devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-015429

DESCRIPTION

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string. plural D-Link Product devices contain a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-822 and so on are all wireless routers produced by Taiwan D-Link Company. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands. The following products and versions are affected: D-Link DIR-822 Rev.B 202KRb06; DIR-822 Rev.C 3.10B06; DIR-860L Rev.B 2.03.B03; DIR-868L Rev.B 2.05B02; DIR-880L Rev.A 1.20B01_01_i3se_BETA, version; DIR-890L Rev.A 1.21B02_BETA version

Trust: 1.8

sources: NVD: CVE-2018-19987 // JVNDB: JVNDB-2018-015429 // VULHUB: VHN-130701 // VULMON: CVE-2018-19987

AFFECTED PRODUCTS

vendor:d linkmodel:dir-822scope:eqversion:202krb06

Trust: 1.8

vendor:d linkmodel:dir-860lscope:eqversion:2.03.b03

Trust: 1.8

vendor:d linkmodel:dir-868lscope:eqversion:2.05b02

Trust: 1.8

vendor:dlinkmodel:dir-822scope:eqversion:3.10b06

Trust: 1.0

vendor:d linkmodel:dir-818lwscope:eqversion:2.05.b03

Trust: 1.0

vendor:d linkmodel:dir-890l\/rscope:eqversion:1.21b02

Trust: 1.0

vendor:d linkmodel:dir-880lscope:eqversion:1.20b01_01_i3se

Trust: 1.0

vendor:d linkmodel:dir-822scope:eqversion:3.10b06

Trust: 0.8

vendor:d linkmodel:dir-880lscope:eqversion:1.20b01_01_i3se_beta

Trust: 0.8

vendor:d linkmodel:dir-890lscope:eqversion:1.21b02_beta

Trust: 0.8

sources: JVNDB: JVNDB-2018-015429 // NVD: CVE-2018-19987

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-19987
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-19987
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201905-309
value: CRITICAL

Trust: 0.6

VULHUB: VHN-130701
value: HIGH

Trust: 0.1

VULMON: CVE-2018-19987
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-19987
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-130701
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-19987
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-130701 // VULMON: CVE-2018-19987 // JVNDB: JVNDB-2018-015429 // CNNVD: CNNVD-201905-309 // NVD: CVE-2018-19987

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.1

problemtype:CWE-77

Trust: 0.9

sources: VULHUB: VHN-130701 // JVNDB: JVNDB-2018-015429 // NVD: CVE-2018-19987

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-309

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201905-309

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015429

PATCH
title:DIR-890L/Rurl:https://support.dlink.com/ProductInfo.aspx?m=DIR-890L%2FR
Trust: 0.8
title:DIR-822-USurl:https://support.dlink.com/ProductInfo.aspx?m=DIR-822-US
Trust: 0.8
title:DIR-860Lurl:https://support.dlink.com/ProductInfo.aspx?m=DIR-860L
Trust: 0.8
title:DIR-868Lurl:https://support.dlink.com/ProductInfo.aspx?m=DIR-868L
Trust: 0.8
title:DIR-880Lurl:https://support.dlink.com/ProductInfo.aspx?m=DIR-880L
Trust: 0.8
title:Copy-Editingurl:https://github.com/caro-oviedo/Copy-Editing 
Trust: 0.1
title:blogpost_cve-2018-19987-analysisurl:https://github.com/nahueldsanchez/blogpost_cve-2018-19987-analysis 
Trust: 0.1
title: - url:https://github.com/sinword/FirmAE_Connlab 
Trust: 0.1
title:FirmAEurl:https://github.com/pr0v3rbs/FirmAE 
Trust: 0.1
title: - url:https://github.com/CVEDB/PoC-List 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-19987 // 
            
            
            
            JVNDB: JVNDB-2018-015429

EXTERNAL IDS
db:NVDid:CVE-2018-19987
Trust: 2.6
db:JVNDBid:JVNDB-2018-015429
Trust: 0.8
db:CNNVDid:CNNVD-201905-309
Trust: 0.7
db:VULHUBid:VHN-130701
Trust: 0.1
db:VULMONid:CVE-2018-19987
Trust: 0.1
sources:
            
            
            VULHUB: VHN-130701 // 
            
            
            
            VULMON: CVE-2018-19987 // 
            
            
            
            JVNDB: JVNDB-2018-015429 // 
            
            
            
            CNNVD: CNNVD-201905-309 // 
            
            
            
            NVD: CVE-2018-19987

REFERENCES
url:https://github.com/pr0v3rbs/cve/tree/master/cve-2018-19986%20-%2019990
Trust: 2.6
url:https://nvd.nist.gov/vuln/detail/cve-2018-19987
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19987
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/78.html
Trust: 0.1
url:https://github.com/caro-oviedo/copy-editing
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/nahueldsanchez/blogpost_cve-2018-19987-analysis
Trust: 0.1
sources:
            
            
            VULHUB: VHN-130701 // 
            
            
            
            VULMON: CVE-2018-19987 // 
            
            
            
            JVNDB: JVNDB-2018-015429 // 
            
            
            
            CNNVD: CNNVD-201905-309 // 
            
            
            
            NVD: CVE-2018-19987

SOURCES
db:VULHUBid:VHN-130701
db:VULMONid:CVE-2018-19987
db:JVNDBid:JVNDB-2018-015429
db:CNNVDid:CNNVD-201905-309
db:NVDid:CVE-2018-19987

LAST UPDATE DATE
2024-11-23T21:37:16.369000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-130701date:2019-10-03T00:00:00
db:VULMONid:CVE-2018-19987date:2023-04-26T00:00:00
db:JVNDBid:JVNDB-2018-015429date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-309date:2020-05-22T00:00:00
db:NVDid:CVE-2018-19987date:2024-11-21T03:58:56.823

SOURCES RELEASE DATE
db:VULHUBid:VHN-130701date:2019-05-13T00:00:00
db:VULMONid:CVE-2018-19987date:2019-05-13T00:00:00
db:JVNDBid:JVNDB-2018-015429date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-309date:2019-05-13T00:00:00
db:NVDid:CVE-2018-19987date:2019-05-13T14:29:01.207