CVE-2019-17621CISA KEVEPSS p99.8%

CVE-2019-17621D-Link DIR-859 Router Command Execution Vulnerability

D-Link / DIR-859 Router

Description

D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.

Scoring

EPSS89.62% probability of exploitation · percentile 99.8% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2023-06-29

(incoming)1

TypeTargetConfidenceTier
KEVEntryD-Link DIR-859 Router Command Execution Vulnerabilitykev-cve-2019-176210%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
D-Link DIR-859 Router Path Traversal Vulnerability
CVE
D-Link DIR-610 Devices Remote Command Execution
CVE
D-Link Multiple Routers Command Injection Vulnerability
CVE
CVE-2025-13562
CVE
D-Link Multiple Routers OS Command Injection Vulnerability
CVE
CVE-2025-15391
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.