Bugtraq mailing list archives
Re: OS-Command Injection via UPnP Interface in multiple D-Link devices
From: krlovett () gmail com
Date: Mon, 8 Jul 2013 16:16:47 GMT
I can concur these issues exist in several other models as well. In fact, on any UPnP enabled D-Link from 868L and down, merely selecting "Display Hidden Elements" inside the developer tool bar, will expose the entire administrative GUI. Additional models I found the same bug, though I'm so sure that the latest firmware completely fixes the issues. Wireless AC1200 Dual Band Gigabit Cloud Router DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router DIR-860L Wireless N150 Home Router DIR-601 Wireless N 8-Port Router DIR-632
Current thread:
- OS-Command Injection via UPnP Interface in multiple D-Link devices devnull (Jul 08)
- <Possible follow-ups>
- Re: OS-Command Injection via UPnP Interface in multiple D-Link devices krlovett (Jul 08)
- Re: OS-Command Injection via UPnP Interface in multiple D-Link devices devnull (Jul 08)