The vulnerability of the SetPlcNetworkpwd() function in the prog.cgi script of the D-Link DIR-822+ wireless router’s microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the SetPlcNetworkpwd function in the prog.cgi script of the D-Link DIR-822+ wireless router microprogramming system is related to the failure to take measures to neutralize special elements used in the operating system’s command when processing the localplc parameter...

PT-2024-3191 · D Link · D-Link Dir-822

Name of the Vulnerable Software and Affected Versions: D-Link DIR-822+ version 1.0.5 Description: The issue is related to a command injection in the SetPlcNetworkpwd function of the prog.cgi script, which allows remote attackers to execute arbitrary commands via shell. This is due to the lack of...