Описание
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:dlink:dir-818lw_firmware:2.06:betab01:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-818lw:-:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.09015
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings.
EPSS
Процентиль: 92%
0.09015
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78