CVE-2019-20500CISA KEVEPSS p99.9%

CVE-2019-20500D-Link DWL-2600AP Access Point Command Injection Vulnerability

D-Link / DWL-2600AP Access Point

Description

D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter.

Scoring

EPSS95.80% probability of exploitation · percentile 99.9% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2023-06-29

(incoming)1

TypeTargetConfidenceTier
KEVEntryD-Link DWL-2600AP Access Point Command Injection Vulnerabilitykev-cve-2019-205000%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
D-Link DSL-2750B Devices Command Injection Vulnerability
CVE
D-Link Multiple Routers Command Injection Vulnerability
CVE
D-Link Multiple Routers OS Command Injection Vulnerability
CVE
CVE-2025-4349
CVE
D-Link DNS-320 Device Command Injection Vulnerability
CVE
CVE-2026-4203
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.