CVE-2019-17621 — D-Link DIR-859 Router

D-Link DIR-859 Router Command Execution Vulnerability

Added to KEV

2023-06-29

Federal due date

2023-07-20

Vendor

D-Link

Product

DIR-859 Router

EPSS

99.8th percentile (score 0.930, as of 2026-06-08)

NVD CVSS v3.1

—

Ransomware use

Unknown

Upstream

https://nvd.nist.gov/vuln/detail/CVE-2019-17621

CISA short description

D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.

Required action

Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

EPSS percentile is the FIRST.org exploit-probability ranking as of the date noted above; it moves daily. CVSS reflects NVD's analysis at time of publication.