Vulnerabilites related to dlink - dir-412_firmware
CVE-2019-17511 (GCVE-0-2019-17511)
Vulnerability from cvelistv5
Published
2019-10-14 15:01
Modified
2024-08-05 01:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via log_get.php, which could be used to discover the intranet network structure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/dahua966/Routers-vuls | x_refsource_MISC | |
| https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router\u0027s log file via log_get.php, which could be used to discover the intranet network structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-14T15:01:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router\u0027s log file via log_get.php, which could be used to discover the intranet network structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/dahua966/Routers-vuls",
"refsource": "MISC",
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"name": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md",
"refsource": "MISC",
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17511",
"datePublished": "2019-10-14T15:01:29",
"dateReserved": "2019-10-11T00:00:00",
"dateUpdated": "2024-08-05T01:40:15.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17512 (GCVE-0-2019-17512)
Vulnerability from cvelistv5
Published
2019-10-16 18:32
Modified
2024-08-05 01:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router's log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/dahua966/Routers-vuls | x_refsource_MISC | |
| https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router\u0027s log file via act=clear\u0026logtype=sysact to log_clear.php, which could be used to erase attack traces."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T18:32:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router\u0027s log file via act=clear\u0026logtype=sysact to log_clear.php, which could be used to erase attack traces."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/dahua966/Routers-vuls",
"refsource": "MISC",
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"name": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md",
"refsource": "MISC",
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17512",
"datePublished": "2019-10-16T18:32:41",
"dateReserved": "2019-10-11T00:00:00",
"dateUpdated": "2024-08-05T01:40:15.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25115 (GCVE-0-2018-25115)
Vulnerability from cvelistv5
Published
2025-08-27 21:24
Modified
2025-08-28 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-08-21 UTC.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Cr0n1c/dlink_shell_poc/blob/master/dlink_auth_rce | technical-description, exploit | |
| https://www.exploit-db.com/exploits/43496 | exploit | |
| https://legacy.us.dlink.com/ | product | |
| https://support.dlink.com/EndOfLifePolicy.aspx | product | |
| https://www.vulncheck.com/advisories/dlink-dir-rce-service-cgi | third-party-advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25115",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-28T13:53:40.553346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T13:55:16.739Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"service.cgi"
],
"product": "DIR-110",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"modules": [
"service.cgi"
],
"product": "DIR-412",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"modules": [
"service.cgi"
],
"product": "DIR-600",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"modules": [
"service.cgi"
],
"product": "DIR-615",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"modules": [
"service.cgi"
],
"product": "DIR-645",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"modules": [
"service.cgi"
],
"product": "DIR-815",
"vendor": "D-Link",
"versions": [
{
"lessThanOrEqual": "Version A 1.3",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cr0n1c"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Exploitation evidence was first observed by the Shadowserver Foundation on \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e2025-08-21 UTC.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-08-21 UTC."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
},
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T19:45:56.397Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://github.com/Cr0n1c/dlink_shell_poc/blob/master/dlink_auth_rce"
},
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/43496"
},
{
"tags": [
"product"
],
"url": "https://legacy.us.dlink.com/"
},
{
"tags": [
"product"
],
"url": "https://support.dlink.com/EndOfLifePolicy.aspx"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/dlink-dir-rce-service-cgi"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"x_known-exploited-vulnerability",
"unsupported-when-assigned"
],
"title": "D-Link DIR-110/412/600/615/645/815 RCE via service.cgi",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25115",
"datePublished": "2025-08-27T21:24:23.427Z",
"dateReserved": "2025-08-25T17:39:38.473Z",
"dateUpdated": "2025-08-28T19:45:56.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2019-10-16 19:15
Modified
2024-11-21 04:32
Severity ?
Summary
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router's log file via act=clear&logtype=sysact to log_clear.php, which could be used to erase attack traces.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/dahua966/Routers-vuls | Third Party Advisory | |
| cve@mitre.org | https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dahua966/Routers-vuls | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-412_firmware | a1-1.14ww | |
| dlink | dir-412 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-412_firmware:a1-1.14ww:*:*:*:*:*:*:*",
"matchCriteriaId": "8262C0D5-91FF-4E56-8F0A-3AD68D437DEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-412:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9F0503-566E-4431-94E9-6A293D406AAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can clear the router\u0027s log file via act=clear\u0026logtype=sysact to log_clear.php, which could be used to erase attack traces."
},
{
"lang": "es",
"value": "Existen algunas interfaces web sin requisitos de autenticaci\u00f3n en los enrutadores D-Link DIR-412 versi\u00f3n A1-1.14WW. Un atacante puede borrar el archivo de registro del enrutador por medio de act=clear\u0026amp;logtype=sysact en el archivo log_clear.php, lo que podr\u00eda ser usado para borrar rastros de ataque."
}
],
"id": "CVE-2019-17512",
"lastModified": "2024-11-21T04:32:25.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-16T19:15:16.147",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-08-27 22:15
Modified
2025-09-24 18:03
Severity ?
Summary
Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-08-21 UTC.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-110_firmware | - | |
| dlink | dir-110 | - | |
| dlink | dir-412_firmware | - | |
| dlink | dir-412 | - | |
| dlink | dir-600_firmware | - | |
| dlink | dir-600 | - | |
| dlink | dir-610_firmware | - | |
| dlink | dir-610 | - | |
| dlink | dir-615_firmware | - | |
| dlink | dir-615 | - | |
| dlink | dir-645_firmware | - | |
| dlink | dir-645 | - | |
| dlink | dir-815_firmware | 1.03 | |
| dlink | dir-815 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-110_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CD6F68-817F-444D-AA1F-DDA2DA80CDC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9CAA8A-44F0-4588-B7E9-7D6EA9805319",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-412_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71A61051-5F7C-4B17-A6C6-176A73C16D55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-412:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9F0503-566E-4431-94E9-6A293D406AAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC0F027-857E-47D5-B2CD-9A397DA6E580",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A8637C-BD16-4B96-A1DA-34529F3169D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-610_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29CE8C74-E403-4700-A099-992E3AF3171E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9791464-912F-45F0-8A6C-A2BEDB7B59BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-615_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C55E6D4-820D-469F-A343-635A621C0D7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E92E959-C211-4979-A233-163BEFCF6F0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-645_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63D57ABB-B1D0-49EE-9304-F9688FBD593C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-645:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D49F68-E15D-478B-B88E-089291BF7DB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-815_firmware:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "FD298D8F-219F-4591-B55D-1F5AF675732E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50618B63-304B-4A61-AA50-5154E8690E88",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [
{
"sourceIdentifier": "disclosure@vulncheck.com",
"tags": [
"unsupported-when-assigned"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-08-21 UTC."
}
],
"id": "CVE-2018-25115",
"lastModified": "2025-09-24T18:03:34.613",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
},
"published": "2025-08-27T22:15:31.370",
"references": [
{
"source": "disclosure@vulncheck.com",
"tags": [
"Exploit"
],
"url": "https://github.com/Cr0n1c/dlink_shell_poc/blob/master/dlink_auth_rce"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://legacy.us.dlink.com/"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Product"
],
"url": "https://support.dlink.com/EndOfLifePolicy.aspx"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/43496"
},
{
"source": "disclosure@vulncheck.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.vulncheck.com/advisories/dlink-dir-rce-service-cgi"
}
],
"sourceIdentifier": "disclosure@vulncheck.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "disclosure@vulncheck.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-14 16:15
Modified
2024-11-21 04:32
Severity ?
Summary
There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router's log file via log_get.php, which could be used to discover the intranet network structure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/dahua966/Routers-vuls | Third Party Advisory | |
| cve@mitre.org | https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dahua966/Routers-vuls | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dlink | dir-412_firmware | a1-1.14ww | |
| dlink | dir-412 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dlink:dir-412_firmware:a1-1.14ww:*:*:*:*:*:*:*",
"matchCriteriaId": "8262C0D5-91FF-4E56-8F0A-3AD68D437DEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dir-412:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9F0503-566E-4431-94E9-6A293D406AAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There are some web interfaces without authentication requirements on D-Link DIR-412 A1-1.14WW routers. An attacker can get the router\u0027s log file via log_get.php, which could be used to discover the intranet network structure."
},
{
"lang": "es",
"value": "Existen algunas interfaces web sin requisitos de autenticaci\u00f3n en los enrutadores D-Link DIR-412 A1-1.14WW. Un atacante puede obtener el archivo de registro del enrutador mediante el archivo log_get.php, que podr\u00eda usarse para descubrir la estructura de red de la intranet."
}
],
"id": "CVE-2019-17511",
"lastModified": "2024-11-21T04:32:24.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-14T16:15:10.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/dahua966/Routers-vuls/blob/master/DIR-412/vuls_info.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}