CVE-2019-17621

CRITICAL KEV

Dlink Dir-859 Firmware < 1.05b03 - OS Command Injection

Title source: rule

Description

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.

Exploits (2)

nomisec WORKING POC 3 stars
by Squirre17 · remote
https://github.com/Squirre17/CVE-2019-17621
metasploit WORKING POC EXCELLENT
by Miguel Mendez Z., @s1kr10s, Pablo Pollanco P. · rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/upnp/dlink_dir859_subscribe_exec.rb

References (8)

Scores

CVSS v3 9.8
EPSS 0.9301
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-06-29
VulnCheck KEV 2023-06-22
InTheWild.io 2023-06-29
ENISA EUVD EUVD-2019-7939
CWE
CWE-78
Status published
Products (19)
dlink/dir-818lx_firmware
dlink/dir-822_firmware < 2.03b01
dlink/dir-823_firmware 1.00b06 beta
dlink/dir-823_firmware < 1.00b06
dlink/dir-859_firmware 1.06b01 beta1
dlink/dir-859_firmware < 1.05b03
dlink/dir-865l_firmware < 1.07b01
dlink/dir-868l_firmware < 1.12b04
dlink/dir-869_firmware 1.03b02 beta02
dlink/dir-869_firmware < 1.03b02
... and 9 more
Published Dec 30, 2019
KEV Added Jun 29, 2023
Tracked Since Feb 18, 2026