Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
D-Link DIR-1260 <= v1.20B05 GetDeviceSettings Unauthenticated Command Injection
Vulnerability Description
D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interface that allows for unauthenticated attackers to execute arbitrary commands on the device with root privileges. The flaw specifically exists within the SetDest/Dest/Target arguments to the GetDeviceSettings form. The management interface is accessible over HTTP and HTTPS on the local and Wi-Fi networks and optionally from the Internet.
CVSS Information
N/A
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
D-Link DIR-1260 安全漏洞
Vulnerability Description
D-Link DIR-1260是中国友讯(D-Link)公司的一款无线路由器。 D-Link DIR-1260 v1.20B05及之前版本存在安全漏洞,该漏洞源于web管理界面中SetDest/Dest/Target参数存在命令注入,可能导致未经验证的攻击者以root权限执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A