Gửi #558302: D-Link DIR-600L 2.07B01 Command Injectionthông tin

tiêu đềD-Link DIR-600L 2.07B01 Command Injection
Mô tảd-link DIR-600L has command injection vulnerability in formSysCmd.The program receives the value of the host field through the websGetVar function,concatenates it into a formatted string using the sprintf function, and finally executes a system command using the system function. Since the attacker's inputis not filtered, any command can be executed.
Nguồn⚠️ https://github.com/jylsec/vuldb/blob/main/D-Link/dlink_dir600l/Command_injection-formSysCmd-sysCmd/README.md
Người dùng
 B1Nn (UID 84136)
Đệ trình15/04/2025 14:12 (cách đây 1 Năm)
Kiểm duyệt05/05/2025 18:59 (20 days later)
Trạng tháiđược chấp nhận
Mục VulDB307467 [D-Link DIR-600L đến 2.07B01 formSysCmd host nâng cao đặc quyền]
điểm18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!