Отправить #701774: D-Link DCS930L v1.15.04 Command InjectionИнформация

НазваниеD-Link DCS930L v1.15.04 Command Injection
ОписаниеA command injection vulnerability exists in the setSystemAdmin function of the alphapd binary in D-Link DCS-930L firmware v1.15.04. The AdminID parameter is directly taken from user input and inserted into shell commands without proper sanitization, allowing remote attackers to execute arbitrary OS commands via crafted requests.
Источник⚠️ https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/D-Link/vuln-1/D-Link%20Vulnerability.md
Пользователь
 Anonymous User
Представление26.11.2025 07:34 (5 месяцы назад)
Модерация07.12.2025 16:40 (11 days later)
Статуспринято
Запись VulDB334667 [D-Link DCS-930L 1.15.04 alphapd /setSystemAdmin AdminID эскалация привилегий]
Баллы19

ПредыдущийОбзорДалее

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!