Where:From local network
Impact:System access
Solution Status:Vendor Patch
D-Link DNS-315
D-Link DNS-320L
D-Link DNS-327L
D-Link DNS-345
Description
A vulnerability has reported in multiple D-Link products, which can be exploited by malicious people to compromise a vulnerable device.
Certain unspecified input passed to login_mgr.cgi is not properly sanitised before being used. This can be exploited to inject and execute arbitrary shell commands.
The vulnerability is reported in the following products and versions:
* D-Link DNS-315L firmware versions 1.02b02 and prior
* D-Link DNS-320L firmware versions 1.03b04 and prior
* D-Link DNS-327L firmware versions 1.02 and prior
* D-Link DNS-345 firmware versions 1.04b01 and prior
Solution:
Update to a fixed version.
http://secunia.com/advisories/59929/
Impact:System access
Solution Status:Vendor Patch
D-Link DNS-315
D-Link DNS-320L
D-Link DNS-327L
D-Link DNS-345
Description
A vulnerability has reported in multiple D-Link products, which can be exploited by malicious people to compromise a vulnerable device.
Certain unspecified input passed to login_mgr.cgi is not properly sanitised before being used. This can be exploited to inject and execute arbitrary shell commands.
The vulnerability is reported in the following products and versions:
* D-Link DNS-315L firmware versions 1.02b02 and prior
* D-Link DNS-320L firmware versions 1.03b04 and prior
* D-Link DNS-327L firmware versions 1.02 and prior
* D-Link DNS-345 firmware versions 1.04b01 and prior
Solution:
Update to a fixed version.
http://secunia.com/advisories/59929/