2 matches found
CVE-2012-5966
The CVE-2012-5966 issue affects the D-Link DSL2730U router's restricted Telnet shell. An authenticated remote attacker can bypass the command whitelist by chaining shell metacharacters that follow a whitelisted command, effectively injecting commands via sh -c (e.g., whitelisted command with subs...
D-Link DSL2730U router restricted telnet shell command whitelisting bypass
Overview D-Link DSL2730U routers contain a restricted telnet shell with limited allowed commands. An authenticated attacker can chain unauthorized commands through authorized commands in order to bypass the command whitelisting. Description CWE-78: Improper Neutralization of Special Elements used...