Published on August 1st, 2019 📆 | 3751 Views ⚑0
D-Link 6600-AP/DWL-3600AP Ax 184.108.40.206 Command Line Interface command injection
|CVSS Meta Temp Score||Current Exploit Price (≈)|
A vulnerability has been found in D-Link 6600-AP and DWL-3600AP Ax 220.127.116.11 and classified as critical. Affected by this vulnerability is an unknown part of the component Command Line Interface. The manipulation with the input value
/bin/sh -c wget leads to a privilege escalation vulnerability (Command Injection). The CWE definition for the vulnerability is CWE-88. As an impact it is known to affect confidentiality, integrity, and availability.
The weakness was published 08/01/2019. This vulnerability is known as CVE-2019-14337 since 07/28/2019. Technical details of the vulnerability are known, but there is no available exploit. The pricing for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 08/01/2019).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.5
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔒
0-Day unlock unlock unlock unlock Today unlock unlock unlock unlock
0-Day Time: 🔒
07/28/2019 CVE assigned Upgrade your account now!
08/01/2019 +4 days Advisory disclosed
08/01/2019 +0 days VulDB entry created
08/01/2019 +0 days VulDB last updateVendor: dlink.com
CVE: CVE-2019-14337 (🔒)
See also: 🔒Created: 08/01/2019 05:01 PM
Upgrade your account now!