| 제목 | D-Link DIR-880L <=104WWb01 Command execution |
|---|
| 설명 | D-Link router DIR-880L 104WWb01 version has a serious command injection vulnerability. An attacker can set the request header through the path /htdocs/ssdpcgi and inject commands through the function sub_16570() to achieve remote command execution and even cause serious consequences. An attacker can use this vulnerability to execute arbitrary code by sending a specially constructed payload to port 49152. |
|---|
| 원천 | ⚠️ https://github.com/CH13hh/tmp_store_cc/blob/main/DIR-880L/1.md |
|---|
| 사용자 | BabyShark (UID 83915) |
|---|
| 제출 | 2025. 04. 11. AM 10:18 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 05. 05. PM 06:54 (24 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 307459 [D-Link DIR-880L 까지 104WWb01 Request Header /htdocs/ssdpcgi sub_16570 HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID 권한 상승] |
|---|
| 포인트들 | 20 |
|---|