Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
D-Link DIR-852 Simple Service Discovery Protocol Service cgibin ssdpcgi_main command injection
Vulnerability Description
A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issue affects the function ssdpcgi_main of the file htodcs/cgibin of the component Simple Service Discovery Protocol Service. Executing manipulation of the argument ST can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
D-Link DIR-852 安全漏洞
Vulnerability Description
D-Link DIR-852是中国友讯(D-Link)公司的一款路由器。 D-Link DIR-852 1.00CN B09版本存在安全漏洞,该漏洞源于文件htodcs/cgibin中组件Simple Service Discovery Protocol Service对参数ST的错误操作,可能导致远程命令注入。
CVSS Information
N/A
Vulnerability Type
N/A