2 matches found
D-Link DIR-3060 授权RCE漏洞(CVE-2021-28144)
Advisory: D-Link DIR-3060 Authenticated RCE CVE-2021-28144 MARCH 11, 2021 Overview The D-Link DIR-3060 running firmware versions below v1.11b04 is affected by a post-authentication command injection vulnerability. Anybody with authenticated access to a DIR-3060 would be able to run arbitrary syst...
CVE-2021-28144
The CVE-2021-28144 issue affects D-Link DIR-3060 routers, where the web management binary prog.cgi handles SOAP SetVirtualServerSettings in a way that can trigger an OS command via an unsafe popen path. Specifically, when LocalIPAddress is provided, Enabled is true, InternalPort is 9, and Protoco...