The vulnerability in the auth_pic.cgi script of the D-Link DI-7500G-CI router’s microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the authpic.cgi microprogramming system of D-Link DI-7500G-CI routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a specially created HTML page...

Cross site scripting

A Cross Site Scripting XSS vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /authpic.cgi...

CVE-2023-34856

A Cross Site Scripting XSS vulnerability in D-Link DI-7500G-CI-19.05.29A allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /authpic.cgi...

CVE-2023-34856

The CVE-2023-34856 entry concerns a Cross Site Scripting (XSS) vulnerability in D-Link DI-7500G-CI-19.05.29A. A crafted HTML file uploaded to the web interface at /auth_pic.cgi can allow arbitrary code execution. Affected product/version: D-Link DI-7500G-CI, version 19.05.29A. Root cause/impa ct ...

D-Link DI-7500G-CI 跨站脚本漏洞

The D-Link DI-7500G-CI is an Internet Behavior Management router from China-based D-Link. A security vulnerability exists in the D-Link DI-7500G-CI-19.05.29A, which can be exploited to execute arbitrary code via the /authpic.cgi file upload interface in the route management interface...