Detections
Analytics

D-Link Routers RCE (CVE-2019-16057)

critical Nessus Plugin ID 172032

Language:

Synopsis

The remote router is affected by a remote command execution vulnerability.

Description

D-Link DNS-320 through 2.05.B10 is affected by command injection in the login_mgr.cgi component, which can lead to remote arbitrary code execution. The port parameter in the script could be poisoned to execute arbitrary commands, opening the door to an RCE attack. If the vulnerability is exploited a remote, unauthenticated attacker can access all application commands with root permission.

Note that Nessus has not tested for this issue but has instead relied only on the router's self-reported model.

Solution

Upgrade to a supported device.

See Also

http://www.nessus.org/u?8234be61

Plugin Details

Severity: Critical

ID: 172032

File Name: d-link_router_cve-2019-16057.nasl

Version: 1.2

Type: remote

Family: CGI abuses

Published: 3/1/2023

Updated: 8/9/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2019-16057

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

Required KB Items: www/d-link, d-link/model

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/11/2019

Vulnerability Publication Date: 9/15/2019

CISA Known Exploited Vulnerability Due Dates: 5/6/2022

Reference Information

CVE: CVE-2019-16057