CVE-2017-17020
CVE-2017-17020 affects D-Link DCS-5009 (firmware ≤1.08.11), DCS-5010 (≤1.14.09), and DCS-5020L (before 1.15.01). The vulnerability is a remote code execution via command injection in the alphapd web server process: a sanitized AdminID value in the /setSystemAdmin input is passed directly to syste...