.. / CVE-2019-16920

Exploit for D-Link Routers - Remote Code Execution (CVE-2019-16920)

Description:

D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code execution vulnerability. The issue occurs when the attacker sends an arbitrary input to a “PingTest” device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these issues also affected; DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.

Nuclei Template

View the template here CVE-2019-16920.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-16920.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2019-16920
https://medium.com/@80vul/determine-the-device-model-affected-by-cve-2019-16920-by-zoomeye-bf6fec7f9bb3
https://fortiguard.com/zeroday/FG-VD-19-117
https://github.com/pwnhacker0x18/CVE-2019-16920-MassPwn3r
https://www.seebug.org/vuldb/ssvid-98079

.. / CVE-2019-16920 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for D-Link Routers - Remote Code Execution (CVE-2019-16920)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2019-16920