N/A

The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting generated files such as WAN-1-udhcpc.sh.

N/A

N/A

D-Link DIR-850L REV.A和REV.B DHCP客户端安全漏洞

D-Link DIR-850L REV.A和REV.B都是友讯（D-Link）公司的无线路由器产品。DHCP client是其中的一个DHCP客户端。 使用FW114WWb07_h2ab_beta1及之前版本固件的D-Link DIR-850L REV.A和FW208WWb02及之前版本固件的REV.B设备上的DHCP客户端存在安全漏洞，该漏洞源于/etc/services/INET/inet_ipv4.php文件没有正确的处理shell元字符。远程攻击者可利用该漏洞以root权限执行代码。

N/A

N/A