Enviar #753247: D-Link DCS933L v1.14.11 Command Injectioninformación

TítuloD-Link DCS933L v1.14.11 Command Injection
DescripciónA command injection vulnerability exists in the setSystemAdmin function of the alphapd binary in D-Link DCS-933L firmware v1.14.1. The AdminID parameter is obtained directly from user input and inserted into the shell command without proper sanitization, allowing a remote attacker to execute arbitrary operating system commands through a carefully crafted request
Fuente⚠️ https://github.com/jinhao118/cve/blob/main/D-Link%20DCS933L_v1.14.11.md
Usuario
 allanp0e (UID 94632)
Sumisión2026-02-06 07:49 (hace 2 meses)
Moderación2026-02-08 15:48 (2 days later)
EstadoAceptado
Entrada de VulDB344936 [D-Link DCS-933L hasta 1.14.11 alphapd /setSystemAdmin AdminID escalada de privilegios]
Puntos19

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!