Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command injection vulnerability in the fileaccess.cgi component. The endpoint /dws/api/UploadFile accepts a pre_api_arg parameter that is passed directly to system-level shell execution functions without sanitization or authentication. Remote attackers can exploit this to execute arbitrary commands as root via crafted HTTP requests.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link DIR-868L 安全漏洞
Vulnerability Description
D-Link DIR-868L是中国友讯(D-Link)公司的一款无线路由器。 D-Link DIR-868L B1 FW2.05WWB02版本存在安全漏洞,该漏洞源于fileaccess.cgi组件存在未经验证的OS命令注入,可能导致以root权限执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A