Описание
A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:dlink:di-8200g_firmware:17.12.20a1:*:*:*:*:*:*:*
cpe:2.3:h:dlink:di-8200g:-:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00251
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74
CWE-77
Связанные уязвимости
CVSS3: 6.3
github
30 дней назад
A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
EPSS
Процентиль: 48%
0.00251
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74
CWE-77