On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
dir-550a_firmware | eq | <= 2.10kr | |
dir-604m_firmware | eq | <= 2.10kr |