Описание
D-Link DIR-806 devices allow remote attackers to execute arbitrary shell commands via a trailing substring of an HTTP header that has "SOAPAction: http://purenetworks.com/HNAP1/GetDeviceSettings/" at the beginning.
D-Link DIR-806 devices allow remote attackers to execute arbitrary shell commands via a trailing substring of an HTTP header that has "SOAPAction: http://purenetworks.com/HNAP1/GetDeviceSettings/" at the beginning.
Связанные уязвимости
An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header.
Уязвимость функции hnap_main() микропрограммного обеспечения беспроводных маршрутизаторов D-LINK DIR-806, позволяющая нарушителю выполнить произвольные команды, получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании