Search criteria
2 vulnerabilities found for dba-1510p by dlink
VAR-201912-0071
Vulnerability from variot - Updated: 2024-11-23 22:25DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI). DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. goroh_kun) of COCON Inc, Technical Research Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. - CVE-2019-6014. D-Link DBA-1510P is a wireless access point device from Taiwan D-Link. This vulnerability originates from the process of externally inputting data to construct the executable command of the operating system, and the network system or product is not properly filtered. Special characters, commands, etc., attackers can use this vulnerability to execute illegal operating system commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-0071",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dba-1510p",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.70b009"
},
{
"model": "dba-1510p",
"scope": "lte",
"trust": 0.8,
"vendor": "d link k k",
"version": "firmware 1.70b009"
},
{
"model": "dba-1510p \u003c=1.70b009",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
},
{
"model": "dba-1510p",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "1.70b009"
},
{
"model": "dba-1510p",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "1.70b005"
},
{
"model": "dba-1510p",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-293"
},
{
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:misc:d-link_japan_dba-1510p",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
}
]
},
"cve": "CVE-2019-6013",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CVE-2019-6013",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2019-36969",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"id": "CVE-2019-6013",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6013",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2019-000062",
"trust": 0.8,
"value": "High"
},
{
"author": "IPA",
"id": "JVNDB-2019-000062",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-36969",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201910-293",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-6013",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"db": "VULMON",
"id": "CVE-2019-6013"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-293"
},
{
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers to execute arbitrary OS commands via Command Line Interface (CLI). DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. goroh_kun) of COCON Inc, Technical Research Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. - CVE-2019-6014. D-Link DBA-1510P is a wireless access point device from Taiwan D-Link. This vulnerability originates from the process of externally inputting data to construct the executable command of the operating system, and the network system or product is not properly filtered. Special characters, commands, etc., attackers can use this vulnerability to execute illegal operating system commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6013"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"db": "VULMON",
"id": "CVE-2019-6013"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6013",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN95875796",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2019-36969",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201910-293",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-6013",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"db": "VULMON",
"id": "CVE-2019-6013"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-293"
},
{
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"id": "VAR-201912-0071",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
}
],
"trust": 1.24285713
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
}
]
},
"last_update_date": "2024-11-23T22:25:39.858000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "R1.70b010",
"trust": 0.8,
"url": "https://www.dlink-jp.com/product/dba-1510p#product_firmware"
},
{
"title": "Patch for D-Link DBA-1510P Operating System Command Injection Vulnerability (CNVD-2019-36969)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/186835"
},
{
"title": "D-Link DBA-1510P Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99001"
},
{
"title": "cvecat",
"trust": 0.1,
"url": "https://github.com/msantos/cvecat "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"db": "VULMON",
"id": "CVE-2019-6013"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-293"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://jvn.jp/en/jp/jvn95875796/index.html"
},
{
"trust": 1.7,
"url": "https://www.dlink-jp.com/product/dba-1510p#product_firmware"
},
{
"trust": 1.2,
"url": "https://jvndb.jvn.jp/en/contents/2019/jvndb-2019-000062.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6013"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6014"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6013"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/msantos/cvecat"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"db": "VULMON",
"id": "CVE-2019-6013"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-293"
},
{
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"db": "VULMON",
"id": "CVE-2019-6013"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-293"
},
{
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"date": "2019-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6013"
},
{
"date": "2019-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"date": "2019-10-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-293"
},
{
"date": "2019-12-26T16:15:11.153000",
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-36969"
},
{
"date": "2020-01-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6013"
},
{
"date": "2019-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"date": "2020-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-293"
},
{
"date": "2024-11-21T04:45:54.880000",
"db": "NVD",
"id": "CVE-2019-6013"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple OS command injection vulnerabilities in DBA-1510P",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-293"
}
],
"trust": 0.6
}
}
VAR-201912-0072
Vulnerability from variot - Updated: 2024-11-23 22:25DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface. DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. goroh_kun) of COCON Inc, Technical Research Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. - CVE-2019-6014. D-Link DBA-1510P is a wireless access point device from Taiwan D-Link. Attackers can use this vulnerability to execute arbitrary operating system commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dba-1510p",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.70b009"
},
{
"model": "dba-1510p",
"scope": "lte",
"trust": 0.8,
"vendor": "d link k k",
"version": "firmware 1.70b009"
},
{
"model": "dba-1510p \u003c=1.70b009",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
},
{
"model": "dba-1510p",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "1.70b009"
},
{
"model": "dba-1510p",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "1.70b005"
},
{
"model": "dba-1510p",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
},
{
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:misc:d-link_japan_dba-1510p",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
}
]
},
"cve": "CVE-2019-6014",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2019-6014",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2019-36967",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-6014",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-000062",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6014",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2019-000062",
"trust": 0.8,
"value": "High"
},
{
"author": "IPA",
"id": "JVNDB-2019-000062",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-36967",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201910-292",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-6014",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "VULMON",
"id": "CVE-2019-6014"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
},
{
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface. DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. goroh_kun) of COCON Inc, Technical Research Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. - CVE-2019-6014. D-Link DBA-1510P is a wireless access point device from Taiwan D-Link. Attackers can use this vulnerability to execute arbitrary operating system commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6014"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "VULMON",
"id": "CVE-2019-6014"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6014",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN95875796",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2019-36967",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-6014",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "VULMON",
"id": "CVE-2019-6014"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
},
{
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"id": "VAR-201912-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
}
],
"trust": 1.24285713
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
}
]
},
"last_update_date": "2024-11-23T22:25:39.827000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "R1.70b010",
"trust": 0.8,
"url": "https://www.dlink-jp.com/product/dba-1510p#product_firmware"
},
{
"title": "Patch for D-Link DBA-1510P operating system command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/186827"
},
{
"title": "D-Link DBA-1510P Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://jvn.jp/en/jp/jvn95875796/index.html"
},
{
"trust": 1.7,
"url": "https://www.dlink-jp.com/product/dba-1510p#product_firmware"
},
{
"trust": 1.2,
"url": "https://jvndb.jvn.jp/en/contents/2019/jvndb-2019-000062.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6013"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6014"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6014"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "VULMON",
"id": "CVE-2019-6014"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
},
{
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "VULMON",
"id": "CVE-2019-6014"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
},
{
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"date": "2019-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6014"
},
{
"date": "2019-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"date": "2019-10-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-292"
},
{
"date": "2019-12-26T16:15:11.263000",
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"date": "2020-01-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6014"
},
{
"date": "2019-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-000062"
},
{
"date": "2020-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-292"
},
{
"date": "2024-11-21T04:45:54.983000",
"db": "NVD",
"id": "CVE-2019-6014"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DBA-1510P operating system command injection vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-36967"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-292"
}
],
"trust": 0.6
}
}