Enviar #772866: D-Link DIR-513 1.10 RCEinformación

TítuloD-Link DIR-513 1.10 RCE
DescripciónThe web service of the DIR-513 device contains a security flaw when processing system commands. When the program receives a POST request to a specific endpoint (e.g., `/goform/formSysCmd`), it triggers the `formSysCmd` function. This function extracts the value of the `sysCmd` parameter from the request body using `websGetVar(a1, "sysCmd", ...)`. Without any sanitization or validation, this user-controlled input is passed directly into an `snprintf` function to construct a shell command string. The formatted string is then executed directly by the `system()` function. Due to the lack of input validation, an attacker can inject shell metacharacters (such as `;` or `&`) to execute arbitrary malicious commands (e.g., opening a telnet backdoor) on the underlying operating system with the privileges of the web service.
Fuente⚠️ https://github.com/InfiniteLin/Lin-s-CVEdb/blob/main/DIR-513/formSysCmd.pdf
Usuario
 AttackingLin (UID 88138)
Sumisión2026-03-05 13:42 (hace 3 meses)
Moderación2026-03-19 21:29 (14 days later)
EstadoAceptado
Entrada de VulDB351755 [D-Link DIR-513 1.10 /goform/formSysCmd sysCmd escalada de privilegios]
Puntos20

AnteriorVisión De ConjuntoPróximo

Do you know our Splunk app?

Download it now for free!