First published: Mon May 13 2019(Updated: )
In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth internal configuration memory without any regex checking. And in the bwc_tc_spq_start, bwc_tc_wfq_start, and bwc_tc_adb_start functions of the bwcsvcs.php source code, the data in /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth is used with the tc command without any regex checking. A vulnerable /HNAP1/SetQoSSettings XML message could have shell metacharacters in the uplink element such as the `telnetd` string.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
D-link Dir-822 Firmware | =202krb06 | |
Dlink Dir-822 Firmware | =3.10b06 | |
Dlink Dir-822 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-19989 is critical with a severity value of 9.8.
D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices are affected by CVE-2018-19989.
The vulnerability type of CVE-2018-19989 is CWE-78.
To fix CVE-2018-19989, update the firmware of D-Link DIR-822 Rev.B to version 202KRb06 or higher and DIR-822 Rev.C to version 3.10B06 or higher.
You can find more information about CVE-2018-19989 at the following link: [GitHub - CVE-2018-19986 - 19990](https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990)