CVE-2018-19987

Name: CVE-2018-19987
Creator: NVD / NIST
Published: 2019-05-13T14:29:01.207+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 12.93%

Last modified Jun 17, 2026

CVE-2018-19987 is a vulnerability of currently unknown severity. D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. EPSS estimates a 12.93% chance of exploitation in the next 30 days.

Description

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string.

Metrics

EPSS Probability

12.93%

95.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-78

Affected Software

Vendor	Product	Versions	Update
D-Link	Dir-818lw Firmware	2.05.b03	—
D-Link	Dir-822 Firmware	202krb06	—
Dlink	Dir-822 Firmware	3.10b06	—
D-Link	Dir-860l Firmware	2.03.b03	—
D-Link	Dir-868l Firmware	2.05b02	—
D-Link	Dir-880l Firmware	1.20b01_01_i3se	Beta
D-Link	Dir-890l\/R Firmware	1.21b02	Beta

References

https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990Exploit, Third Party Advisory
https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990Exploit, Third Party Advisory

Timeline

Published: May 13, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-19987?

How severe is CVE-2018-19987?

Severity scoring for CVE-2018-19987 is pending analysis. The EPSS model estimates a 12.93% probability of exploitation in the next 30 days.

How do I fix CVE-2018-19987?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-19987?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST