| Titel | D-Link DIR-645 D-Link DIR‑645 A1 Command Injection |
|---|
| Beschreibung | D-Link DIR‑645 A1 has a remote arbitrary command execution vulnerability in ssdpcgi
This function is sprintf+system, and we can control the parameters, so we can execute any command to perform rce or other malicious attacks. |
|---|
| Quelle | ⚠️ https://github.com/Thir0th/Thir0th-CVE/blob/main/D-Link%20DIR%E2%80%91645%20A1%20has%20a%20remote%20arbitrary%20command%20execution%20vulnerability%20in%20ssdpcgi.md |
|---|
| Benutzer | liuchangwei (UID 86561) |
|---|
| Einreichung | 01.07.2025 12:54 (vor 10 Monaten) |
|---|
| Moderieren | 07.07.2025 10:36 (6 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 315131 [D-Link DIR-645 bis 1.05B01 ssdpcgi /htdocs/cgibin ssdpcgi_main erweiterte Rechte] |
|---|
| Punkte | 17 |
|---|