Search
Find a vulnerability
Search criteria
6 vulnerabilities found for dir-655 by dlink
VAR-201909-0903
Vulnerability from variot - Updated: 2025-11-18 15:24Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825. plural D-Link The product includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-655C, etc. are all wireless routers from Taiwan D-Link. Attackers can use this vulnerability to inject commands to invade the system. The following products and versions are affected: D-Link DIR-655C; DIR-866L; DIR-652; DHP-1565, etc.
Exploiting this issue could allow an malicious user to execute arbitrary commands in the context of the affected device. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-0903",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-652",
"scope": "eq",
"trust": 1.6,
"vendor": "dlink",
"version": null
},
{
"model": "dhp-1565",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dir-652",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dir-866l",
"scope": null,
"trust": 1.4,
"vendor": "d link",
"version": null
},
{
"model": "dir-825",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dir-655",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "3.02b05"
},
{
"model": "dir-862l",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dir-866l",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.03b04"
},
{
"model": "dir-615",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dap-1533",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dir-835",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "dhp-1565",
"scope": "lte",
"trust": 1.0,
"vendor": "dlink",
"version": "1.01"
},
{
"model": "dir-855l",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-655",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-655c",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
},
{
"model": "dir-652",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "ax"
},
{
"model": "dir-655",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "cx"
},
{
"model": "dir-866l",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "ax"
},
{
"model": "dhp-1565",
"scope": "eq",
"trust": 0.6,
"vendor": "dlink",
"version": "ax"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#766427"
},
{
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1326"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:d-link:dhp-1565_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:d-link:dir-652_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:d-link:dir-655_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:d-link:dir-866l_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
}
]
},
"cve": "CVE-2019-16920",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-16920",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 6.7,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 10.0,
"id": "CVE-2019-16920",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-33820",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-149115",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-16920",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-16920",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-16920",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2019-16920",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-16920",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-16920",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-33820",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-1326",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-149115",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-16920",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#766427"
},
{
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"db": "VULHUB",
"id": "VHN-149115"
},
{
"db": "VULMON",
"id": "CVE-2019-16920"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1326"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"db": "NVD",
"id": "CVE-2019-16920"
},
{
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a \"PingTest\" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825. plural D-Link The product includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-655C, etc. are all wireless routers from Taiwan D-Link. Attackers can use this vulnerability to inject commands to invade the system. The following products and versions are affected: D-Link DIR-655C; DIR-866L; DIR-652; DHP-1565, etc. \n \nExploiting this issue could allow an malicious user to execute arbitrary commands in the context of the affected device. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-16920"
},
{
"db": "CERT/CC",
"id": "VU#766427"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"db": "VULHUB",
"id": "VHN-149115"
},
{
"db": "VULMON",
"id": "CVE-2019-16920"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/766427",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#766427"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-16920",
"trust": 4.0
},
{
"db": "CERT/CC",
"id": "VU#766427",
"trust": 1.9
},
{
"db": "SEEBUG",
"id": "SSVID-98079",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU95198984",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1326",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-33820",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-149115",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-16920",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#766427"
},
{
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"db": "VULHUB",
"id": "VHN-149115"
},
{
"db": "VULMON",
"id": "CVE-2019-16920"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1326"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"id": "VAR-201909-0903",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"db": "VULHUB",
"id": "VHN-149115"
}
],
"trust": 1.3022921822222222
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-33820"
}
]
},
"last_update_date": "2025-11-18T15:24:49.493000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.dlink.com/en/consumer"
},
{
"title": "myscan",
"trust": 0.1,
"url": "https://github.com/amcai/myscan "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-16920"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-149115"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://fortiguard.com/zeroday/fg-vd-19-117"
},
{
"trust": 1.7,
"url": "https://www.seebug.org/vuldb/ssvid-98079"
},
{
"trust": 1.5,
"url": "https://medium.com/@80vul/determine-the-device-model-affected-by-cve-2019-16920-by-zoomeye-bf6fec7f9bb3"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/766427"
},
{
"trust": 1.0,
"url": "https://medium.com/%4080vul/determine-the-device-model-affected-by-cve-2019-16920-by-zoomeye-bf6fec7f9bb3"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2019-16920"
},
{
"trust": 0.8,
"url": "https://www.fortinet.com/blog/threat-research/d-link-routers-found-vulnerable-rce.html"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc3875"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16920"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95198984/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16920"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#766427"
},
{
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"db": "VULHUB",
"id": "VHN-149115"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1326"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#766427"
},
{
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"db": "VULHUB",
"id": "VHN-149115"
},
{
"db": "VULMON",
"id": "CVE-2019-16920"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1326"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-23T00:00:00",
"db": "CERT/CC",
"id": "VU#766427"
},
{
"date": "2019-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"date": "2019-09-27T00:00:00",
"db": "VULHUB",
"id": "VHN-149115"
},
{
"date": "2019-09-27T00:00:00",
"db": "VULMON",
"id": "CVE-2019-16920"
},
{
"date": "2019-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1326"
},
{
"date": "2019-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"date": "2019-09-27T12:15:10.017000",
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-25T00:00:00",
"db": "CERT/CC",
"id": "VU#766427"
},
{
"date": "2019-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-33820"
},
{
"date": "2019-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-149115"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-16920"
},
{
"date": "2019-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1326"
},
{
"date": "2019-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009977"
},
{
"date": "2025-11-07T19:37:32.660000",
"db": "NVD",
"id": "CVE-2019-16920"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1326"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple D-Link routers vulnerable to remote command execution",
"sources": [
{
"db": "CERT/CC",
"id": "VU#766427"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1326"
}
],
"trust": 0.6
}
}
VAR-202506-0796
Vulnerability from variot - Updated: 2025-07-20 23:26A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DIR-655 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-665 is a high-performance wireless router and a flagship product of D-Link. Attackers can exploit this vulnerability to cause remote code execution or service crash
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202506-0796",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-655",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "1.00"
},
{
"model": "dir-655",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-655",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": "dir-655 firmware 1.00"
},
{
"model": "dir-655",
"scope": "eq",
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "dir-665",
"scope": "eq",
"trust": 0.6,
"vendor": "d link",
"version": "1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"cve": "CVE-2025-6158",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "cna@vuldb.com",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2025-6158",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "OTHER",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2025-009237",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-13519",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2025-6158",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-009237",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2025-6158",
"trust": 1.0,
"value": "High"
},
{
"author": "OTHER",
"id": "JVNDB-2025-009237",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-13519",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. D-Link Systems, Inc. of DIR-655 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-665 is a high-performance wireless router and a flagship product of D-Link. Attackers can exploit this vulnerability to cause remote code execution or service crash",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-6158"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"db": "CNVD",
"id": "CNVD-2025-13519"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-6158",
"trust": 3.2
},
{
"db": "VULDB",
"id": "312633",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2025-009237",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-13519",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"id": "VAR-202506-0796",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
}
],
"trust": 1.1634920599999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
}
]
},
"last_update_date": "2025-07-20T23:26:20.697000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for D-Link DIR-665 Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/699806"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [ others ]",
"trust": 0.8
},
{
"problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir665-dlink"
},
{
"trust": 1.8,
"url": "https://github.com/xiaobor123/vul-finds/tree/main/vul-find-dir665-dlink#poc"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?id.312633"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?submit.593161"
},
{
"trust": 1.8,
"url": "https://www.dlink.com/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-6158"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?ctiid.312633"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-13519"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13519"
},
{
"date": "2025-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"date": "2025-06-17T04:15:55.407000",
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13519"
},
{
"date": "2025-07-18T04:50:00",
"db": "JVNDB",
"id": "JVNDB-2025-009237"
},
{
"date": "2025-07-16T17:00:25.983000",
"db": "NVD",
"id": "CVE-2025-6158"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link\u00a0Systems,\u00a0Inc.\u00a0 of \u00a0DIR-655\u00a0 Buffer error vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-009237"
}
],
"trust": 0.8
}
}
VAR-201907-0640
Vulnerability from variot - Updated: 2024-11-23 22:55D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter. D-Link DIR-655 C The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A security vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0640",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-655",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "3.02b05"
},
{
"model": "dir-655",
"scope": "lt",
"trust": 0.8,
"vendor": "d link",
"version": "3.02b05 beta03"
},
{
"model": "d-link dir-655 c \u003c3.02b05 beta03",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:d-link:dir-655_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
}
]
},
"cve": "CVE-2019-13561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-13561",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-23330",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-145420",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-13561",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-13561",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-13561",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-23330",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-650",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-145420",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "VULHUB",
"id": "VHN-145420"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-650"
},
{
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter. D-Link DIR-655 C The device contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A security vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13561"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "VULHUB",
"id": "VHN-145420"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13561",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-650",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-23330",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-145420",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "VULHUB",
"id": "VHN-145420"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-650"
},
{
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"id": "VAR-201907-0640",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "VULHUB",
"id": "VHN-145420"
}
],
"trust": 1.48174603
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
}
]
},
"last_update_date": "2024-11-23T22:55:31.055000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DIR-655 Firmware Release Notes",
"trust": 0.8,
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-655/REVC/DIR-655_REVC_RELEASE_NOTES_v3.02B05_BETA03.pdf"
},
{
"title": "D-LinkDIR-655C has an unspecified vulnerability (CNVD-2019-23330) patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/169557"
},
{
"title": "D-Link DIR-655 C Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95190"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-650"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-145420"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13561"
},
{
"trust": 1.7,
"url": "https://www.nccgroup.trust/contentassets/7188fe7f130846ffa31827fc1661d120/commandinjection.txt"
},
{
"trust": 1.7,
"url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/july/the-d-link-dir-655c-from-nothing-to-rce/"
},
{
"trust": 1.1,
"url": "ftp://ftp2.dlink.com/security_advisements/dir-655/revc/dir-655_revc_release_notes_v3.02b05_beta03.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13561"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "VULHUB",
"id": "VHN-145420"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-650"
},
{
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"db": "VULHUB",
"id": "VHN-145420"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-650"
},
{
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"date": "2019-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-145420"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"date": "2019-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-650"
},
{
"date": "2019-07-11T15:15:11.597000",
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23330"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-145420"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006252"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-650"
},
{
"date": "2024-11-21T04:25:10.300000",
"db": "NVD",
"id": "CVE-2019-13561"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-650"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C Command injection vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006252"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-650"
}
],
"trust": 0.6
}
}
VAR-201907-0639
Vulnerability from variot - Updated: 2024-11-23 22:44D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter. D-Link DIR-655 C The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A security vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03. An attacker could use the vulnerability to reset the password to the default null value using the \342\200\230setup_wizard\342\200\231 parameter
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0639",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-655",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "3.02b05"
},
{
"model": "dir-655",
"scope": "lt",
"trust": 0.8,
"vendor": "d link",
"version": "3.02b05 beta03"
},
{
"model": "d-link dir-655 c \u003c3.02b05 beta03",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:d-link:dir-655_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
}
]
},
"cve": "CVE-2019-13560",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-13560",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-23329",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-145419",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-13560",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-13560",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-13560",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-13560",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-23329",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-649",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-145419",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "VULHUB",
"id": "VHN-145419"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-649"
},
{
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter. D-Link DIR-655 C The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A security vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03. An attacker could use the vulnerability to reset the password to the default null value using the \\342\\200\\230setup_wizard\\342\\200\\231 parameter",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13560"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "VULHUB",
"id": "VHN-145419"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13560",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-649",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-23329",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-145419",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "VULHUB",
"id": "VHN-145419"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-649"
},
{
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"id": "VAR-201907-0639",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "VULHUB",
"id": "VHN-145419"
}
],
"trust": 1.48174603
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
}
]
},
"last_update_date": "2024-11-23T22:44:57.152000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DIR-655 Firmware Release Notes",
"trust": 0.8,
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-655/REVC/DIR-655_REVC_RELEASE_NOTES_v3.02B05_BETA03.pdf"
},
{
"title": "D-LinkDIR-655C has an unspecified vulnerability (CNVD-2019-23329) patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/169553"
},
{
"title": "D-Link DIR-655 C Repair measures for trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95189"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-649"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-145419"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13560"
},
{
"trust": 1.7,
"url": "https://www.nccgroup.trust/contentassets/7188fe7f130846ffa31827fc1661d120/setupwizard.txt"
},
{
"trust": 1.7,
"url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/july/the-d-link-dir-655c-from-nothing-to-rce/"
},
{
"trust": 1.1,
"url": "ftp://ftp2.dlink.com/security_advisements/dir-655/revc/dir-655_revc_release_notes_v3.02b05_beta03.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13560"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "VULHUB",
"id": "VHN-145419"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-649"
},
{
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"db": "VULHUB",
"id": "VHN-145419"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-649"
},
{
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"date": "2019-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-145419"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"date": "2019-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-649"
},
{
"date": "2019-07-11T15:15:11.520000",
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-23329"
},
{
"date": "2019-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-145419"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006251"
},
{
"date": "2019-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-649"
},
{
"date": "2024-11-21T04:25:10.083000",
"db": "NVD",
"id": "CVE-2019-13560"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-649"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C Vulnerabilities related to certificate and password management in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006251"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-649"
}
],
"trust": 0.6
}
}
VAR-201907-0641
Vulnerability from variot - Updated: 2024-11-23 22:33D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping6_ipaddr parameter, and the /www/apply_sec.cgi html_response_return_page parameter. D-Link DIR-655 C The device contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A cross-site scripting vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0641",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-655",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "3.02b05"
},
{
"model": "dir-655",
"scope": "lt",
"trust": 0.8,
"vendor": "d link",
"version": "3.02b05 beta03"
},
{
"model": "d-link dir-655 c \u003c3.02b05 beta03",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:d-link:dir-655_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
}
]
},
"cve": "CVE-2019-13562",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2019-13562",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-22608",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-145421",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2019-13562",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-13562",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-13562",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-22608",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-651",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-145421",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "VULHUB",
"id": "VHN-145421"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
},
{
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstrated by the /www/ping_response.cgi ping_ipaddr parameter, the /www/ping6_response.cgi ping6_ipaddr parameter, and the /www/apply_sec.cgi html_response_return_page parameter. D-Link DIR-655 C The device contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A cross-site scripting vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13562"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "VULHUB",
"id": "VHN-145421"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13562",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-651",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-22608",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-145421",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "VULHUB",
"id": "VHN-145421"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
},
{
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"id": "VAR-201907-0641",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "VULHUB",
"id": "VHN-145421"
}
],
"trust": 1.48174603
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
}
]
},
"last_update_date": "2024-11-23T22:33:49.579000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DIR-655 Firmware Release Notes",
"trust": 0.8,
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-655/REVC/DIR-655_REVC_RELEASE_NOTES_v3.02B05_BETA03.pdf"
},
{
"title": "Patch for D-LinkDIR-655C Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/168801"
},
{
"title": "D-Link DIR-655 C Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95191"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-145421"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.nccgroup.trust/contentassets/7188fe7f130846ffa31827fc1661d120/crosssitescripting.txt"
},
{
"trust": 1.7,
"url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/july/the-d-link-dir-655c-from-nothing-to-rce/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13562"
},
{
"trust": 1.1,
"url": "ftp://ftp2.dlink.com/security_advisements/dir-655/revc/dir-655_revc_release_notes_v3.02b05_beta03.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13562"
},
{
"trust": 0.6,
"url": "https://www.dlink.comhttps"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "VULHUB",
"id": "VHN-145421"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
},
{
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "VULHUB",
"id": "VHN-145421"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
},
{
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"date": "2019-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-145421"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"date": "2019-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-651"
},
{
"date": "2019-07-11T15:15:11.660000",
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"date": "2019-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-145421"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006253"
},
{
"date": "2019-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-651"
},
{
"date": "2024-11-21T04:25:10.523000",
"db": "NVD",
"id": "CVE-2019-13562"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22608"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-651"
}
],
"trust": 0.6
}
}
VAR-201907-0642
Vulnerability from variot - Updated: 2024-11-23 22:25D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console. D-Link DIR-655 C The device contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A cross-site request forgery vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03. The vulnerability stems from the fact that the web application did not fully verify that the request came from a trusted user. An attacker could exploit the vulnerability to send an unexpected request to the server through an affected client
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201907-0642",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dir-655",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": "3.02b05"
},
{
"model": "dir-655",
"scope": "lt",
"trust": 0.8,
"vendor": "d link",
"version": "3.02b05 beta03"
},
{
"model": "d-link dir-655 c \u003c3.02b05 beta03",
"scope": null,
"trust": 0.6,
"vendor": "d link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:d-link:dir-655_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
}
]
},
"cve": "CVE-2019-13563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-13563",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-22609",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-145422",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-13563",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-13563",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-13563",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-13563",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-22609",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201907-652",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-145422",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-13563",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "VULHUB",
"id": "VHN-145422"
},
{
"db": "VULMON",
"id": "CVE-2019-13563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
},
{
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the entire management console. D-Link DIR-655 C The device contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-LinkDIR-655C is a wireless router from D-Link Corporation of Taiwan, China. A cross-site request forgery vulnerability exists in previous versions of D-LinkDIR-655C3.02B05BETA03. The vulnerability stems from the fact that the web application did not fully verify that the request came from a trusted user. An attacker could exploit the vulnerability to send an unexpected request to the server through an affected client",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "VULHUB",
"id": "VHN-145422"
},
{
"db": "VULMON",
"id": "CVE-2019-13563"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13563",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201907-652",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-22609",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-145422",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-13563",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "VULHUB",
"id": "VHN-145422"
},
{
"db": "VULMON",
"id": "CVE-2019-13563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
},
{
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"id": "VAR-201907-0642",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "VULHUB",
"id": "VHN-145422"
}
],
"trust": 1.48174603
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
}
]
},
"last_update_date": "2024-11-23T22:25:54.117000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DIR-655 Firmware Release Notes",
"trust": 0.8,
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-655/REVC/DIR-655_REVC_RELEASE_NOTES_v3.02B05_BETA03.pdf"
},
{
"title": "Patch for D-LinkDIR-655C Cross-site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/168807"
},
{
"title": "D-Link DIR-655 C Fixes for cross-site request forgery vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95192"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-145422"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13563"
},
{
"trust": 1.8,
"url": "https://www.nccgroup.trust/contentassets/7188fe7f130846ffa31827fc1661d120/csrf.txt"
},
{
"trust": 1.8,
"url": "https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/july/the-d-link-dir-655c-from-nothing-to-rce/"
},
{
"trust": 1.2,
"url": "ftp://ftp2.dlink.com/security_advisements/dir-655/revc/dir-655_revc_release_notes_v3.02b05_beta03.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-13563"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "VULHUB",
"id": "VHN-145422"
},
{
"db": "VULMON",
"id": "CVE-2019-13563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
},
{
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "VULHUB",
"id": "VHN-145422"
},
{
"db": "VULMON",
"id": "CVE-2019-13563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
},
{
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"date": "2019-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-145422"
},
{
"date": "2019-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13563"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"date": "2019-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-652"
},
{
"date": "2019-07-11T15:15:11.723000",
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"date": "2019-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-145422"
},
{
"date": "2021-04-23T00:00:00",
"db": "VULMON",
"id": "CVE-2019-13563"
},
{
"date": "2019-07-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-006248"
},
{
"date": "2019-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201907-652"
},
{
"date": "2024-11-21T04:25:10.757000",
"db": "NVD",
"id": "CVE-2019-13563"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "D-Link DIR-655 C Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-22609"
},
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201907-652"
}
],
"trust": 0.6
}
}