CVE-2020-6841

Published: Feb 21, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10152

x_refsource_CONFIRM

https://gist.github.com/jezzaaa/38c752d0a129576b2cc523ce6325050f

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-6841

Description

Affected Products

References