| शीर्षक | D-Link DIR-600L 2.07B01 Command Injection |
|---|
| विवरण | d-link DIR-600L has command injection vulnerability in formSysCmd.The program receives the value of the host field through the websGetVar function,concatenates it into a formatted string using the sprintf function, and finally executes a system command using the system function. Since the attacker's inputis not filtered, any command can be executed. |
|---|
| स्रोत | ⚠️ https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Command_injection-formSysCmd-sysCmd/README.md |
|---|
| उपयोगकर्ता | B1Nn (UID 84136) |
|---|
| सबमिशन | 15/04/2025 02:12 PM (1 वर्ष पहले) |
|---|
| संयम | 05/05/2025 06:59 PM (20 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 307467 [D-Link DIR-600L तक 2.07B01 formSysCmd host अधिकार वृद्धि] |
|---|
| अंक | 18 |
|---|