Vulnerability Database

309,237

Total vulnerabilities in the database

CVE-2018-19987

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the telnetd string.

Published: May 13, 2019
Updated: Nov 9, 2025
CVE: CVE-2018-19987
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
d-link / dir-818lw_firmware	2.05.b03	2.05.b03.x
d-link / dir-822_firmware	202krb06	202krb06.x
d-link / dir-860l_firmware	2.03.b03	2.03.b03.x
d-link / dir-868l_firmware	2.05b02	2.05b02.x
d-link / dir-880l_firmware	1.20b01_01_i3se-beta	1.20b01_01_i3se-beta.x
d-link / dir-890l/r_firmware	1.21b02-beta	1.21b02-beta.x
dlink / dir-822_firmware	3.10b06	3.10b06.x

https://github.com/pr0v3rbs/CVE/tree/master/CVE-2018-19986%20-%2019990

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo