CVE-2019-17621

Published: Dec 30, 2019Modified: Nov 7, 2025CISA KEV

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.

Affected (21)

Products: Dlink: Dir 859 Firmware, Dir 822 Firmware, Dir 823 Firmware, Dir 865l Firmware, Dir 868l Firmware, Dir 869 Firmware, Dir 880l Firmware, Dir 890l Firmware, Dir 890r Firmware, Dir 885l Firmware, Dir 885r Firmware, Dir 895l Firmware, Dir 895r Firmware, Dir 818lx Firmware

14 products

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 859 Firmware	Up to 1.05b03
Dlink Dir 859 Firmware	Version 1.06b01 beta1

Running on/with	Platform Versions
Dlink Dir 859	All versions

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Dlink Dir 822 Firmware	Up to 2.03b01

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 822 Firmware	Up to 3.12b04

Running on/with	Platform Versions
Dlink Dir 822	All versions

Configuration D

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 823 Firmware	Up to 1.00b06
Dlink Dir 823 Firmware	Version 1.00b06 beta

Running on/with	Platform Versions
Dlink Dir 823	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 865l Firmware	Up to 1.07b01

Running on/with	Platform Versions
Dlink Dir 865l	All versions

Configuration F

1 vulnerable

Vulnerable Software	Affected Versions
Dlink Dir 868l Firmware	Up to 1.12b04

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 868l Firmware	Up to 2.05b02

Running on/with	Platform Versions
Dlink Dir 868l	All versions

Configuration H

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 869 Firmware	Up to 1.03b02
Dlink Dir 869 Firmware	Version 1.03b02 beta02

Running on/with	Platform Versions
Dlink Dir 869	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 880l Firmware	Up to 1.08b04

Running on/with	Platform Versions
Dlink Dir 880l	All versions

Configuration J

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 890l Firmware	Up to 1.11b01
Dlink Dir 890l Firmware	Version 1.11b01 beta01

Running on/with	Platform Versions
Dlink Dir 890l	All versions

Configuration K

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 890r Firmware	Up to 1.11b01
Dlink Dir 890r Firmware	Version 1.11b01 beta01

Running on/with	Platform Versions
Dlink Dir 890r	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 885l Firmware	Up to 1.12b05

Running on/with	Platform Versions
Dlink Dir 885l	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 885r Firmware	Up to 1.12b05

Running on/with	Platform Versions
Dlink Dir 885r	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 895l Firmware	Up to 1.12b10

Running on/with	Platform Versions
Dlink Dir 895l	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 895r Firmware	Up to 1.12b10

Running on/with	Platform Versions
Dlink Dir 895r	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dlink Dir 818lx Firmware	All versions

Running on/with	Platform Versions
Dlink Dir 818lx	All versions

Related CWEs

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (15)

http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-en-d94b47a15104

Source: cve@mitre.org

ExploitThird Party Advisory

https://medium.com/%40s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9

Source: cve@mitre.org

Broken Link

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10146

Source: cve@mitre.org

PatchVendor Advisory

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147

Source: cve@mitre.org

PatchVendor Advisory

https://www.dlink.com/en/security-bulletin

Source: cve@mitre.org

Vendor Advisory

https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html