3 matches found
CVE-2019-10891
An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnapmain, which calls system without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header...
CVE-2019-10891
creationtimestamp| type| source ---|---|--- 2024-12-26 20:36:59+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113721043770547462 2024-12-27 10:06:23+00:00| seen| https://bsky.app/profile/hackingne.ws/post/3lebqiq2tvs2l 2024-12-27 17:27:32+00:00| exploited|...
CVE-2019-10891
CVE-2019-10891 affects D-Link DIR-806 devices. The issue is a command injection in the hnap_main function where system() is called with a parameter controllable by the user, enabling remote attackers to execute arbitrary shell commands via a special HTTP header. The CVE is rated critical (CVSS 3....