Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed via system(). An attacker can exploit this vulnerability remotely without authentication by sending a specially crafted HTTP request, leading to arbitrary command execution on the device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link DIR-878 安全漏洞
Vulnerability Description
D-Link DIR-878是中国友讯(D-Link)公司的一款无线路由器。 D-Link DIR-878存在安全漏洞,该漏洞源于SetNetworkSettings功能中IPAddress和SubnetMask参数未经验证,可能导致远程命令执行。
CVSS Information
N/A
Vulnerability Type
N/A