logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-28144

Description

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely.


Affected Software


CPE Name Name Version
dlink:dir-3060_firmware dlink dir-3060 firmware 1.11b04

Related