CVE-2018-17787

2018-10-02T18:29:00
ID CVE-2018-17787
Type cve
Reporter cve@mitre.org
Modified 2019-10-03T00:03:00

Description

On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.