Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new_qos.rule configuration file. The vulnerability occurs because parsed fields from the configuration file are concatenated into command strings and executed via system() without any sanitization. An attacker with write access to /tmp/new_qos.rule can execute arbitrary commands on the device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link DIR-823G 安全漏洞
Vulnerability Description
D-Link DIR-823G是中国友讯(D-Link)公司的一款无线路由器。 D-Link DIR-823G DIR823G_V1.0.2B05_20181207.bin版本存在安全漏洞,该漏洞源于timelycheck和sysconf二进制文件处理/tmp/new_qos.rule文件时验证不足,可能导致命令注入。
CVSS Information
N/A
Vulnerability Type
N/A