Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
D-Link DAP-1650 SUBSCRIBE Callback Command Injection Vulnerability
Vulnerability Description
A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
D-Link DAP-1650 命令注入漏洞
Vulnerability Description
D-Link DAP-1650是中国友讯(D-Link)公司的一款WiFi范围扩展器。 D-Link DAP-1650 存在安全漏洞,该漏洞源于在处理 UPnP SUBSCRIBE 消息时,存在命令注入漏洞。
CVSS Information
N/A
Vulnerability Type
N/A