Описание
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240249 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
Ссылки
- ExploitThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240249 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
Уязвимость сценария /Tool/querysql.php микропрограммного обеспечения маршрутизатора D-Link DAR-8000, позволяющая нарушителю выполнять произвольные команды
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS3
6.5 Medium
CVSS2