Описание
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.
Ссылки
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- Not Applicable
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- Not Applicable
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:dlink:dir-846_firmware:100a53dbr:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-846:-:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.20679
Средний
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
около 3 лет назад
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.
CVSS3: 9.1
fstec
около 3 лет назад
Уязвимость реализации функции exec() микропрограммного обеспечения маршрутизаторов D-Link DIR-846, позволяющая нарушителю выполнить произвольные команды
EPSS
Процентиль: 95%
0.20679
Средний
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78