CVE-2019-6014: OS Command Injection
First published: Thu Dec 26 2019(Updated: )
DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute arbitrary OS commands via Web User Interface.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dlink Dba-1510p Firmware | <=1.70b009 | |
| Dlink Dba-1510p |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-6014?
CVE-2019-6014 is a vulnerability in the DBA-1510P firmware 1.70b009 and earlier that allows an attacker to execute arbitrary OS commands via the Web User Interface.
What is the severity of CVE-2019-6014?
CVE-2019-6014 has a severity rating of 8.8 (high).
What software is affected by CVE-2019-6014?
DBA-1510P firmware 1.70b009 and earlier is affected by CVE-2019-6014.
How can an attacker exploit CVE-2019-6014?
An attacker can exploit CVE-2019-6014 by executing arbitrary OS commands via the Web User Interface.
How can I fix CVE-2019-6014?
To fix CVE-2019-6014, update the DBA-1510P firmware to version 1.70b010 or later.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/description
- agent/event
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/dlink
- canonical/dlink dba-1510p firmware
- version/dlink dba-1510p firmware/1.70b009
- canonical/dlink dba-1510p