The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "Ping or Trace an IP Address" or (2) "Perform a DNS Lookup" section.
oryginał ENAV:N/AC:L/Au:N/C:C/I:C/A:CDlink Dsr 1000
HWDlinkwszystkie wersjeDlink Dsr 1000 Firmware
OSDlink1.01b501.02b111.02b251.03b121.03b231.03b271.03b361.03b431.04b581.06b431.06b53≤ 1.08b51Dlink Dsr 1000n
HWDlinkwszystkie wersjeDlink Dsr 1000n Firmware
OSDlink1.01b501.02b111.02b251.03b121.03b231.03b271.03b361.03b431.04b581.06b431.06b53≤ 1.08b51Dlink Dsr 150
HWDlinkwszystkie wersjeDlink Dsr 150 Firmware
OSDlink1.05b291.05b351.05b461.05b50≤ 1.08b29Dlink Dsr 150n
HWDlinkwszystkie wersjeDlink Dsr 150n Firmware
OSDlink≤ 1.05b48Dlink Dsr 250
HWDlinkwszystkie wersjeDlink Dsr 250 Firmware
OSDlink1.01b461.01b561.05b201.05b531.08b31≤ 1.08b39Dlink Dsr 250n
HWDlinkwszystkie wersjeDlink Dsr 250n Firmware
OSDlink1.01b461.01b561.05b201.05b531.08b31≤ 1.08b39Dlink Dsr 500
HWDlinkwszystkie wersjeDlink Dsr 500 Firmware
OSDlink1.02b111.02b251.03b121.03b231.03b271.03b361.03b431.04b581.06b431.06b53≤ 1.08b51Dlink Dsr 500n
HWDlinkwszystkie wersjeDlink Dsr 500n Firmware
OSDlink1.02b111.02b251.03b121.03b231.03b271.03b361.03b431.04b581.06b431.06b53≤ 1.08b51
Powiązane podatności
D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passw...
The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection vulnerability, which ...
Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware ...
Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to...
A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary i...