| Title | www.dlink.com D-LINK-DAR-7000-40 DAR V31R02B1413C Command Injection |
|---|
| Description | There is a command execution vulnerability in the D-LINK-DAR-7000 backend management system. The interface /useratte/resmanage.php does not verify parameters, causing command execution to obtain server permissions. |
|---|
| Source | ⚠️ https://github.com/h0e4a0r1t/h0e4a0r1t.github.io/blob/master/2024/%3CWHB%7Cj%5CIbSU0m4%3A_/D-LINK-DAR-7000_RCE_%20resmanage.php.pdf |
|---|
| User | H0e4a0r1t (UID 65358) |
|---|
| Submission | 05/14/2024 11:00 (2 years ago) |
|---|
| Moderation | 05/15/2024 21:15 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 264533 [D-Link DAR-7000-40 V31R02B1413C /useratte/resmanage.php Load os command injection] |
|---|
| Points | 16 |
|---|