A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version 1.02B03 that allows an malicious user to execute arbitrary operating system commands through well-designed /HNAP1 requests. Before the HNAP API function can process the request, the system function executes an untrusted command that triggers the vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dlink dir-823g_firmware 1.02b03 |