CVE-2019-12786

An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:dlink:dir-818lw_firmware:2.05.b03:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-818lw_firmware:2.06b01:beta:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-818lw:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-06-10 18:29

Updated : 2024-02-04 20:20


NVD link : CVE-2019-12786

Mitre link : CVE-2019-12786

CVE.ORG link : CVE-2019-12786


JSON object : View

Products Affected

dlink

  • dir-818lw
  • dir-818lw_firmware
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')