D-Link DIR-610 Improper Control of Generation of Code (‘Code Injection’) Vulnerability

Summary

D-Link DIR-610 suffers from improper control of generation of code (‘Code Injection’) vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10182


Details

UNSUPPORTED WHEN ASSIGNED D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.  

 

Vulnerable Systems:

D-Link DIR-610

 

CVE Information:

CVE-2020-9377

 

Disclosure Timeline:
Published Date:7/9/2020

Categories: FeaturedNews