Описание
A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2026-1419
- https://tzh00203.notion.site/D-Link-DCS700l-v1-03-09-Command-Injection-Vulnerability-in-LightSensorControl-Parameter-2e6b5c52018a80ada0f6d7e72efd7a45?source=copy_link
- https://vuldb.com/?ctiid.342815
- https://vuldb.com/?id.342815
- https://vuldb.com/?submit.736554
- https://www.dlink.com
Связанные уязвимости
A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Уязвимость функции sub_4298C0() микропрограммного обеспечения IP-камер D-Link DCS700l, позволяющая нарушителю выполнить произвольные команды