CVE-2019-20500

D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10113	Patch Vendor Advisory
https://www.exploit-db.com/exploits/46841	Exploit Third Party Advisory VDB Entry
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10113	Patch Vendor Advisory
https://www.exploit-db.com/exploits/46841	Exploit Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dlink:dwl-2600ap_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dwl-2600ap:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:38

Type	Values Removed	Values Added
References	~~() https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10113 - Patch, Vendor Advisory~~	() https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10113 - Patch, Vendor Advisory
References	~~() https://www.exploit-db.com/exploits/46841 - Exploit, Third Party Advisory, VDB Entry~~	() https://www.exploit-db.com/exploits/46841 - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2020-03-05 15:15

Updated : 2024-11-21 04:38

NVD link : CVE-2019-20500

Mitre link : CVE-2019-20500

CVE.ORG link : CVE-2019-20500

JSON object : View

Products Affected

dlink

dwl-2600ap
dwl-2600ap_firmware

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2019-20500", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-03-05T15:15:11.253", "references": [{"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10113", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/46841", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10113", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/46841", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter."}, {"lang": "es", "value": "Los dispositivos D-Link DWL-2600AP versi\u00f3n 4.2.0.15 Rev A, presentan una vulnerabilidad de inyecci\u00f3n de comandos del Sistema Operativo autenticado por medio de la funcionalidad Save Configuration en la interfaz web, utilizando metacaracteres de shell en el par\u00e1metro configBackup o downloadServerip de admin.cgi?action=config_save."}], "lastModified": "2024-11-21T04:38:37.617", "cisaActionDue": "2023-07-20", "cisaExploitAdd": "2023-06-29", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dwl-2600ap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E865D3E-7154-4C09-9D6E-3437040744D7", "versionEndIncluding": "4.2.0.15"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dwl-2600ap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CDA498E6-6804-4469-9FCD-A09CB7A8B178"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org", "cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", "cisaVulnerabilityName": "D-Link DWL-2600AP Access Point Command Injection Vulnerability"}