Описание
A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Ссылки
- ExploitThird Party AdvisoryIssue Tracking
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
- ExploitThird Party AdvisoryIssue Tracking
Уязвимые конфигурации
Одновременно
Одновременно
Одновременно
Одновременно
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Уязвимость встроенного веб-сервера boa микропрограммного обеспечения маршрутизаторов D-Link DWR-M920, DWR-M921, DIR-822K и DIR-825M, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2