CVE-2020-15893: OS Command Injection
First published: Wed Jul 22 2020(Updated: )
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-link Dir-816l Firmware | =2.06 | |
| D-link Dir-816l Firmware | =2.06.b09-beta | |
| Dlink Dir-816l | =b1 | |
| Dlink Dir-816l Firmware | =2.06 | |
| Dlink Dir-816l Firmware | =2.06.b09-beta |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-15893?
CVE-2020-15893 is a vulnerability discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02.
How does CVE-2020-15893 affect D-Link DIR-816L devices?
CVE-2020-15893 enables an attacker to perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet.
What is the severity of CVE-2020-15893?
The severity of CVE-2020-15893 is critical, with a CVSS score of 9.8.
Is the D-Link DIR-816L firmware version 2.06 affected by CVE-2020-15893?
Yes, the D-Link DIR-816L firmware version 2.06 is affected by CVE-2020-15893.
How can I fix CVE-2020-15893?
To fix CVE-2020-15893, it is recommended to update the D-Link DIR-816L firmware to version 1.10b04Beta02 or later.
- collector/nvd-index
- collector/nvd-api
- vendor/d-link
- canonical/d-link dir-816l firmware
- version/d-link dir-816l firmware/2.06
- version/d-link dir-816l firmware/2.06.b09-beta
- vendor/dlink
- canonical/dlink dir-816l
- version/dlink dir-816l/b1
- canonical/dlink dir-816l firmware
- version/dlink dir-816l firmware/2.06
- version/dlink dir-816l firmware/2.06.b09-beta