Back to search
CVE-2021-26810
Published: Mar 30, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dir_setWanWifi, which can lead to command injection via shell metacharacters in the statuscheckpppoeuser parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.dlink.com/en/security-bulletin/
x_refsource_MISC
https://github.com/GD008/vuln/blob/main/DIR-816.md
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now