Details of VAR-201905-1159

ID

VAR-201905-1159

CVE

CVE-2018-19988

TITLE

D-Link DIR-868L Command injection vulnerability in devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-015430

DESCRIPTION

In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable, and the vulnerabilities affect D-Link DIR-868L Rev.B 2.05B02 devices. In the SetClientInfoDemo.php source code, the AudioMute and AudioEnble parameters are saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. It needs to bypass the wget command option with a single quote. A vulnerable /HNAP1/SetClientInfoDemo XML message could have single quotes and backquotes in the AudioMute or AudioEnable element, such as the '`telnetd`' string. D-Link DIR-868L The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-868L is a wireless router made by Taiwan D-Link Company. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data. Attackers can exploit this vulnerability to execute illegal operating system commands

Trust: 1.8

sources: NVD: CVE-2018-19988 // JVNDB: JVNDB-2018-015430 // VULHUB: VHN-130702 // VULMON: CVE-2018-19988

AFFECTED PRODUCTS

vendor:

d link

model:

dir-868l

scope:

version:

2.05b02

Trust: 1.8

sources: JVNDB: JVNDB-2018-015430 // NVD: CVE-2018-19988

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-19988
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-19988
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201905-307
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-130702
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-19988
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-19988
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-130702
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-19988
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-130702 // VULMON: CVE-2018-19988 // JVNDB: JVNDB-2018-015430 // CNNVD: CNNVD-201905-307 // NVD: CVE-2018-19988

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.1
problemtype:	CWE-77	Trust: 0.9

sources: VULHUB: VHN-130702 // JVNDB: JVNDB-2018-015430 // NVD: CVE-2018-19988

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-307

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201905-307

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015430

PATCH

title:	DIR-868L	url:	https://support.dlink.com/ProductInfo.aspx?m=DIR-868L	Trust: 0.8
title:	FirmAE	url:	https://github.com/pr0v3rbs/FirmAE	Trust: 0.1
title:	-	url:	https://github.com/sinword/FirmAE_Connlab	Trust: 0.1

sources: VULMON: CVE-2018-19988 // JVNDB: JVNDB-2018-015430

EXTERNAL IDS

db:	NVD	id:	CVE-2018-19988	Trust: 2.6
db:	JVNDB	id:	JVNDB-2018-015430	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-307	Trust: 0.7
db:	VULHUB	id:	VHN-130702	Trust: 0.1
db:	VULMON	id:	CVE-2018-19988	Trust: 0.1

sources: VULHUB: VHN-130702 // VULMON: CVE-2018-19988 // JVNDB: JVNDB-2018-015430 // CNNVD: CNNVD-201905-307 // NVD: CVE-2018-19988

REFERENCES

url:	https://github.com/pr0v3rbs/cve/tree/master/cve-2018-19986%20-%2019990	Trust: 2.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19988	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19988	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/78.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/pr0v3rbs/firmae	Trust: 0.1

sources: VULHUB: VHN-130702 // VULMON: CVE-2018-19988 // JVNDB: JVNDB-2018-015430 // CNNVD: CNNVD-201905-307 // NVD: CVE-2018-19988

SOURCES

db:	VULHUB	id:	VHN-130702
db:	VULMON	id:	CVE-2018-19988
db:	JVNDB	id:	JVNDB-2018-015430
db:	CNNVD	id:	CNNVD-201905-307
db:	NVD	id:	CVE-2018-19988

LAST UPDATE DATE

2024-11-23T21:37:16.451000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-130702	date:	2019-10-03T00:00:00
db:	VULMON	id:	CVE-2018-19988	date:	2023-04-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-015430	date:	2019-06-04T00:00:00
db:	CNNVD	id:	CNNVD-201905-307	date:	2020-05-22T00:00:00
db:	NVD	id:	CVE-2018-19988	date:	2024-11-21T03:58:56.967

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-130702	date:	2019-05-13T00:00:00
db:	VULMON	id:	CVE-2018-19988	date:	2019-05-13T00:00:00
db:	JVNDB	id:	JVNDB-2018-015430	date:	2019-06-04T00:00:00
db:	CNNVD	id:	CNNVD-201905-307	date:	2019-05-13T00:00:00
db:	NVD	id:	CVE-2018-19988	date:	2019-05-13T14:29:01.270