| tiêu đề | D-Link DIR-890 L A1 DIR-806A1 DIR-890 L A1<=108B03 DIR-806A1<=100CNb11 Command execution |
|---|
| Mô tả | The router D-Link DIR-890 L 108b03 and DIR-806A1 100CNb11 has a serious command injection vulnerability. Attackers can set the request header through the path /htdocs/soap.cgi and inject commands through the function `sub_175C8()` to achieve remote command execution and even cause serious consequences.The attackers can exploit the vulnerability to carry out arbitrary code by means of sending a specially constructed payload to port 49152. |
|---|
| Nguồn | ⚠️ https://github.com/CH13hh/tmp_store_cc/blob/main/tt/1.md |
|---|
| Người dùng | BabyShark (UID 83915) |
|---|
| Đệ trình | 10/04/2025 18:17 (cách đây 1 Năm) |
|---|
| Kiểm duyệt | 05/05/2025 18:52 (25 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 307458 [D-Link DIR-890L/DIR-806A1 đến 100CNb11/108B03 /htdocs/soap.cgi sub_175C8 nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|