CVE List

CVE-2019-10891

Critical 9.8

D-Link DIR-806 devices allow remote attackers to execute arbitrary shell commands via a trailing substring of an HTTP header that has "SOAPAction: http://purenetworks.com/HNAP1/GetDeviceSettings/" at the beginning.

Published September 7, 2019.

Affected software

Dlink Dir-806 Firmware

Reference links

Sign Up for Alerts