On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
d-link dir-823g_firmware - |