CVE-2013-10059 in DIR-615H1정보

요약

\~에 의해 MITRE • 2025. 08. 02.

An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

VulnCheck

예약하다

2025. 08. 01.

공개

2025. 08. 02.

모더레이션

수락

항목

VDB-318572

CPE

준비됨

CWE

CWE-78 (확인됨)

익스플로잇

다운로드

CVSS

7.2 (NVD)

EPSS

0.72383

KEV

아니요

활동

매우 낮음

부문

Education, Police, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2013-10059
NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-10059
CVE Details	https://www.cvedetails.com/cve/CVE-2013-10059/

◂ 이전 개요 다음 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!