| Title | D-Link DIR-860L Rev.B 2.04.B04 Command Injection |
|---|---|
| Description | A critical unauthenticated command injection vulnerability was discovered in the firmware of the D-Link DIR-860L router. The vulnerability exists within the device's SSDP (Simple Service Discovery Protocol) service and allows a remote attacker to execute arbitrary system commands on a target device by sending a specially crafted M-SEARCH network packet. The root cause is that the application takes the value of the ST (Search Target) header from an SSDP request and concatenates it directly into a string passed to the system() function, without validation or sanitization. An attacker can exploit this flaw by injecting shell metacharacters (such as a semicolon) into the ST header to append and execute arbitrary commands, leading to remote code execution. |
| Source | https://github.com/i-Corner/cve/issues/17 |
| User | iC0rner (UID 82839) |
| Submitted | 2025-08-06 08:29 PM (10 months ago) |
| Moderation | 2025-08-14 09:15 AM (8 days later) |
| Status | Accepted |
| VulDB Entry | 320091 [D-Link DIR-860L 2.04.B04 Simple Service Discovery Protocol htdocs/cgibin ssdpcgi_main privilege escalation] |
| Points | 20 |
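As an added example (not code from the advisory, VulDB or D-Link's firmware) of the input check the description shows to be missing: a C allow-list validator for the SSDP ST header, plus a small M-SEARCH header parser that only accepts the value when it is a well-formed search target, so a metacharacter-bearing value such as one containing a semicolon never reaches a shell. Function names and the 256-byte length limit are assumptions.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* Characters a legitimate UPnP search target can contain: letters, digits,
 * ':', '-', '.', '_'. Shell metacharacters (';', '|', '&', '`', '$', quotes,
 * whitespace) are outside this set and are rejected. */
static bool st_char_ok(unsigned char c) {
    return isalnum(c) || c == ':' || c == '-' || c == '.' || c == '_';
}

/* True when st is a well-formed search target: one of the two fixed values,
 * or a uuid:/urn: form built only from allowed characters (limit assumed). */
bool ssdp_st_is_valid(const char *st) {
    if (st == NULL || *st == '\0' || strlen(st) > 256) return false;
    for (const unsigned char *p = (const unsigned char *)st; *p; p++)
        if (!st_char_ok(*p)) return false;
    if (strcmp(st, "ssdp:all") == 0 || strcmp(st, "upnp:rootdevice") == 0) return true;
    return strncmp(st, "uuid:", 5) == 0 || strncmp(st, "urn:", 4) == 0;
}

/* Copy the ST header value of a raw M-SEARCH request into out (NUL-terminated).
 * Header name is matched case-insensitively; CR and surrounding blanks are
 * trimmed. Returns false if there is no ST header or it does not fit. */
bool ssdp_extract_st(const char *packet, char *out, size_t outlen) {
    const char *line = packet;
    while (line && *line) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len > 3 && strncasecmp(line, "ST:", 3) == 0) {
            const char *v = line + 3, *end = line + len;
            while (v < end && (*v == ' ' || *v == '\t')) v++;
            while (end > v && (end[-1] == '\r' || end[-1] == ' ' || end[-1] == '\t')) end--;
            size_t vlen = (size_t)(end - v);
            if (vlen >= outlen) return false;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return true;
        }
        line = eol ? eol + 1 : NULL;
    }
    return false;
}

/* Gate for the handler: returns 1 only when the packet carries an ST value that
 * passes the allow-list; anything else is dropped before further processing. */
int ssdp_handle_msearch(const char *packet) {
    char st[257];
    if (!ssdp_extract_st(packet, st, sizeof st)) return 0;
    return ssdp_st_is_valid(st) ? 1 : 0;
}
```

The sample packets in the checks are constructed; the rejected one carries a semicolon in ST, the pattern the description names.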