The vulnerabilities in the scripts system_mgr.cgi, account_mgr.cgi, dsk_mgr.cgi, and app_mgr.cgi of the D-Link DNS-320 network storage software allow attackers to execute arbitrary commands.
The vulnerability in the scripts systemmgr.cgi, accountmgr.cgi, dskmgr.cgi, and appmgr.cgi of the D-Link DNS-320 network storage software exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability can allow an...