CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2019-16920

CVSS 9.8v3.1pub. 2019-09-27upd. 2025-11-07

Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dap 1533

    HW
    Dlink
    wszystkie wersje
  • Dlink Dap 1533 Firmware

    OS
    Dlink
    wszystkie wersje
  • Dlink Dhp 1565

    HW
    Dlink
    ax
  • Dlink Dhp 1565 Firmware

    OS
    Dlink
    ≤ 1.01
  • Dlink Dir 615

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 615 Firmware

    OS
    Dlink
    wszystkie wersje
  • Dlink Dir 652

    HW
    Dlink
    ax
  • Dlink Dir 652 Firmware

    OS
    Dlink
    wszystkie wersje
  • Dlink Dir 655

    HW
    Dlink
    cx
  • Dlink Dir 655 Firmware

    OS
    Dlink
    ≤ 3.02b05
  • Dlink Dir 825

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 825 Firmware

    OS
    Dlink
    wszystkie wersje
  • Dlink Dir 835

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 835 Firmware

    OS
    Dlink
    wszystkie wersje
  • Dlink Dir 855l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 855l Firmware

    OS
    Dlink
    wszystkie wersje
  • Dlink Dir 862l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 862l Firmware

    OS
    Dlink
    wszystkie wersje
  • Dlink Dir 866l

    HW
    Dlink
    ax
  • Dlink Dir 866l Firmware

    OS
    Dlink
    ≤ 1.03b04

CISA KEV — detailsi

Vendori
D-Link
Producti
Multiple Routers
Added to KEVi
March 25, 2022
Remediation deadline (US Federal)i
April 15, 2022(overdue)
Required action (CISA)i

The impacted product is end-of-life and should be disconnected if still in use.

CISA descriptioni

Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 15 kwietnia 2022
Tags
RCECommand Injection
CWE
References

Related vulnerabilities

CVE-2020-29557CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the...

CVE-2014-8361CRITICAL9.8⚠ KEVten sam produkt

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInt...

CVE-2018-25115CRITICAL10.0PL ✓ten sam produkt

D-Link DIR-series — nieuwierzytelniony command injection w service.cgi (root RCE)

CVE-2022-47035CRITICAL9.8ten sam produkt

Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute ...

CVE-2021-42627CRITICAL9.8ten sam produkt

The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly wi...