2 matches found
CVE-2019-8316
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST...
CVE-2019-8316
CVE-2019-8316 (D-Link DIR-878) involves a command injection in firmware 1.12A1 where any HNAP API function can trigger execution of system commands via untrusted input in the WebFilterURLs field of SetWebFilterSettings, delivered through a crafted /HNAP1 POST request. The vulnerability allows a r...