CVE-2018-19300
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits: 1
Exploited in Wild: -
Decision
Descriptions
On D-Link DAP-1530 (A1) before firmware version 1.06b01, DAP-1610 (A1) before firmware version 1.06b01, DWR-111 (A1) before firmware version 1.02v02, DWR-116 (A1) before firmware version 1.06b03, DWR-512 (B1) before firmware version 2.02b01, DWR-711 (A1) through firmware version 1.11, DWR-712 (B1) before firmware version 2.04b01, DWR-921 (A1) before firmware version 1.02b01, and DWR-921 (B1) before firmware version 2.03b01, there exists an EXCU_SHELL file in the web directory. By sending a GET request with specially crafted headers to the /EXCU_SHELL URI, an attacker could execute arbitrary shell commands in the root context on the affected device. Other devices might be affected as well.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2018-11-15 CVE Reserved
- 2019-04-11 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-11-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (4)
URL | Tag | Source
---|---|---
https://www.greenbone.net/en/serious-vulnerability-discovered-in-d-link-routers | Third Party Advisory |
https://www.greenbone.net/schwerwiegende-sicherheitsluecke-in-d-link-routern-entdeckt | Third Party Advisory |

URL | Date | SRC
---|---|---
https://community.greenbone.net/t/cve-2018-19300-remote-command-execution-vulnerability-in-d-link-dwr-and-dap-routers/1772 | 2024-08-05 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status
---|---|---|---|---|---|---|---|---|---|---
D-link | Dap-1530 Firmware | <= 1.05 | - | Affected | in | Dlink | Dap-1530 | - | - | Safe
D-link | Dap-1610 Firmware | <= 1.05 | - | Affected | in | Dlink | Dap-1610 | - | - | Safe
Dlink | Dwr-111 Firmware | <= 1.01 | - | Affected | in | Dlink | Dwr-111 | - | - | Safe
D-link | Dwr-116 Firmware | 1.06 | b1 | Affected | in | Dlink | Dwr-116 | - | - | Safe
D-link | Dwr-116 Firmware | 1.06 | b2 | Affected | in | Dlink | Dwr-116 | - | - | Safe
Dlink | Dwr-116 Firmware | <= 1.05 | - | Affected | in | Dlink | Dwr-116 | - | - | Safe
Dlink | Dwr-512 Firmware | <= 2.02 | - | Affected | in | Dlink | Dwr-512 | - | - | Safe
D-link | Dwr-711 Firmware | <= 1.11 | - | Affected | in | Dlink | Dwr-711 | - | - | Safe
Dlink | Dwr-712 Firmware | <= 2.02 | - | Affected | in | Dlink | Dwr-712 | - | - | Safe
Dlink | Dwr-921 Firmware | <= 1.02 | - | Affected | in | Dlink | Dwr-921 | - | - | Safe
Dlink | Dwr-921 Firmware | <= 2.02 | - | Affected | in | Dlink | Dwr-921 | - | - | Safe