D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header.
References
Link | Resource |
---|---|
https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/ | Exploit Third Party Advisory |
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10135 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-05T03:07:13
Updated: 2019-12-05T03:07:13
Reserved: 2019-12-05T00:00:00
Link: CVE-2019-19597
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-05T04:15:11.757
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-19597
JSON object: View
Redhat Information
No data.
CWE