Invia #645712: D-Link DIR-823X <= V250416 Command Injectioninformazioni

TitoloD-Link DIR-823X <= V250416 Command Injection
DescrizioneThe latest version 250416 (250416) of the D-LINK DIR-823X router has an unauthorized command execution vulnerability. The specific vulnerability exists in the /usr/sbin/goahead file. When accessing the route /goform/set_static_leases and making a specific field request, arbitrary commands can be executed without authentication, achieving remote command execution and even obtaining a shell.
Fonte⚠️ https://github.com/lin-3-start/lin-cve/blob/main/DIR-823X/D-Link%20DIR-823X%20routers%20have%20an%20unauthorized%20command%20execution%20vulnerability.md
Utente
 QMSSDXN (UID 88719)
Sottomissione02/09/2025 11:01 (10 mesi fa)
Moderazione08/09/2025 17:19 (6 days later)
StatoAccettato
Voce VulDB323093 [D-Link DIR-823X fino a 250416 set_static_leases sub_415028 Nome host escalationi di privilegi]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Do you know our Splunk app?

Download it now for free!