Описание
A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Ссылки
- ExploitIssue Tracking
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
- ExploitIssue Tracking
Уязвимые конфигурации
Одновременно
EPSS
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Уязвимость функци soapcgi_main() компонента SOAP Service файла soap.cgi микропрограммного обеспечения маршрутизаторов D-Link DIR-852, позволяющая нарушителю выполнить произвольные команды
EPSS
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2