CVE-2018-17066
CVE-2018-17066 affects D-Link DIR-816 A2 with firmware 1.10 B05. The /goform/form2systime.cgi handler builds a command string using the HTTP datetime parameter, allowing command injection via shell metacharacters. Network-accessible in the affected device with no authentication required, and the ...