Multiple D-Link products HNAP command remote elevation of privilege vulnerability-vulnerability warning-the black bar safety net

2015-04-28T00:00:00
ID MYHACK58:62201561777
Type myhack58
Reporter 佚名
Modified 2015-04-28T00:00:00

Description

Affected system: D-Link Wireless Router Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 7 4 0 5 1

D-link focused on wireless network and Ethernet hardware products design and development.

Multiple D-Link products in the HNAP command on the realization of the presence of a remote privilege escalation vulnerability, a remote authenticated attacker could exploit this vulnerability can obtain elevated privileges.

<source: Zhang, Wei (Qihoo360 ADLAB) >

Recommendations: -------------------------------------------------------------------------------- Manufacturers patch:

D-Link \ ------ The current vendors have released an upgrade patch to fix this security issue, please go to the manufacturers home page download:

http://www.dlink.com/