D-Link DAP-1860 °²È«·ì϶·çÏÕ¹«¸æ

°ä²¼¹¦·ò 2019-12-10

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-19597£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-19598£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Model

Revision

Affected FW

Fixed FW

DAP-1860

All Ax revisions

v1.04b01 and below (older)

v1.04b03 Beta Hot Fix

·ì϶¸ÅÊö


D-Link DAP-1860ÊÇÖйų́ÍåÓÑѶ£¨D-Link£©¹«Ë¾µÄÒ»¿îWiFiÁìÓòÀ©´óÆ÷¡£


CVE-2019-19597

¹¥»÷Õ߿ɽèÖúHNAP_AUTH HTTPÍ·ÖеÄshellÔª×Ö·ûÀûÓø÷ì϶ÒÔrootȨÏÞÖ´ÐÐËÁÒâ´úÂë¡£


CVE-2019-19598

¹¥»÷Õ߿ɽèÖúHNAP_AUTHÍ·ÖеŦ·ò´ÁÖ·ûÓø÷ì϶δ¾­Éí·ÝÑéÖ¤±ã¿É½Ó¼ûÖÎÀíÔ±Ö°ÄÜ¡£


·ì϶ÑéÖ¤


ÔÝÎÞPOC/EXP¡£


½¨¸´½¨Òé


Ä¿Ç°³§ÉÌÒÑ°ä²¼Éý¼¶²¹¶¡ÒÔ½¨¸´·ì϶£¬²¹¶¡»ñÈ¡Á´½Ó£º

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10135


²Î¿¼Á´½Ó


https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/