Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
D-Link D-View 8 Installer DLL Preloading via Uncontrolled Search Path
Vulnerability Description
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can supply a malicious version.dll alongside the legitimate installer so that, when a victim runs the installer and approves the UAC prompt, attacker-controlled code executes with administrator privileges. This can lead to full system compromise.
CVSS Information
N/A
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
D-Link D-View 8 代码问题漏洞
Vulnerability Description
D-Link D-View 8是中国友讯(D-Link)公司的一款综合网络管理软件。 D-Link D-View 8 2.0.1.107及之前版本存在代码问题漏洞,该漏洞源于安装程序中存在不受控制的搜索路径,可能导致DLL预加载和任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A