Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29541
HistoryJul 10, 2013 - 12:00 a.m.

Re: OS-Command Injection via UPnP Interface in multiple D-Link devices

2013-07-1000:00:00
vulners.com
21
JSON

I can concur these issues exist in several other models as well. In fact, on any UPnP enabled D-Link from 868L and down, merely selecting "Display Hidden Elements" inside the developer tool bar, will expose the entire administrative GUI.

Additional models I found the same bug, though I'm so sure that the latest firmware completely fixes the issues.

Wireless AC1200 Dual Band Gigabit Cloud Router DIR-850L
Wireless AC1200 Dual Band Gigabit Cloud Router DIR-860L
Wireless N150 Home Router DIR-601
Wireless N 8-Port Router DIR-632

JSON