29 matches found
CVE-2026-2260
A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This...
CVE-2026-2227
A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...
CVE-2026-2260
A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This...
CVE-2026-2260 D-Link DCS-931L setSysAdmin os command injection
A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This...
CVE-2026-2260 D-Link DCS-931L setSysAdmin os command injection
A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This...
PT-2026-7209
Name of the Vulnerable Software and Affected Versions D-Link DCS-931L versions up to 1.13.0 Description A flaw exists in D-Link DCS-931L up to version 1.13.0 that allows for operating system command injection. This occurs through manipulation of the AdminID argument within the /goform/setSysAdmin...
CVE-2026-2227
A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...
CVE-2026-2227
A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...
CVE-2026-2227
A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...
CVE-2026-2227
CVE-2026-2227 affects D-Link DCS-931L devices
CVE-2026-2227 D-Link DCS-931L setSystemAdmin doSystem command injection
A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...
D-Link DCS-931L 命令注入漏洞
The D-Link DCS-931L is a wireless camera from the D-Link company. Versions of D-Link DCS-931L prior to 1.13.0 have a command injection vulnerability. This vulnerability stems from incorrect operations with the parameter AdminID in the file /setSystemAdmin, which may lead to command injection...
EUVD-2015-2161
Malware in sbrugna...
CVE-2015-2048
Cross-site request forgery CSRF vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
D-Link DCS-931L - Arbitrary File Upload (Metasploit)
Exploit for hardware platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 /alphapd/ def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link...
D-Link DCS-931L Arbitrary File Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 /alphapd/ def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DCS-931L File Upload', 'Description' = %q This module exploits a...
D-Link DCS-931L File Upload
This module exploits a file upload vulnerability in D-Link DCS-931L network cameras. The setFileUpload functionality allows authenticated users to upload files to anywhere on the file system, allowing system files to be overwritten, resulting in execution of arbitrary commands. This module has be...
D-Link DCS-931L Cross-Site Request Forgery Vulnerability
D-Link DCS-931L is a remote wireless surveillance camera manufactured by AUO D-Link. A cross-site request forgery vulnerability exists in the D-Link DCS-931L. A remote attacker can exploit this vulnerability to perform unauthorized operations...
D-Link DCS-931L with firmware unlimited file upload vulnerability
The D-Link DCS-931L is a D-Link home wireless network camera. An unrestricted file upload vulnerability exists in the D-Link DCS-931L with firmware 1.04 earlier, which could allow a remote, authenticated user to execute arbitrary code by uploading a file with an executable file extension...
CVE-2015-2049
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension...