2 matches found
CVE-2020-27864
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP...
CVE-2020-27864
CVE-2020-27864 affects D-Link DAP-1860 WiFi extenders (firmware 1.04B03). The flaw is in the HNAP service listening on TCP port 80, where the Authorization header is parsed without proper validation and is used to invoke a system call, allowing remote, network-adjacent attackers to execute arbitr...