2 matches found
CVE-2018-19989
In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth...
CVE-2018-19989
CVE-2018-19989 affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 via the /HNAP1/SetQoSSettings uplink parameter. In SetQoSSettings.php the uplink value is saved to internal memory at /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth without any regex validation and later consumed by...