D-Link DSL-2730U Cross-Site Request Forgery Vulnerability

The D-link DI-604 is a small router device. The D-Link DSL-2730U C1 IN1.00 device has a cross-site request forgery vulnerability in its implementation that could allow a remote attacker to change the DNS or firewall configuration or arbitrary passwords...

CVE-2012-5966

The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command...

CVE-2012-5966

The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command...

CVE-2012-5966

The CVE-2012-5966 issue affects the D-Link DSL2730U router's restricted Telnet shell. An authenticated remote attacker can bypass the command whitelist by chaining shell metacharacters that follow a whitelisted command, effectively injecting commands via sh -c (e.g., whitelisted command with subs...

PT-2012-6209 · D Link · D-Link Dsl 2730-U

Name of the Vulnerable Software and Affected Versions: D-Link DSL2730U router affected versions not specified Description: The issue allows remote authenticated users to bypass intended command restrictions on the D-Link DSL2730U router. This is achieved by using shell metacharacters that follow ...

D-Link DSL2730U router restricted telnet shell command whitelisting bypass

Overview D-Link DSL2730U routers contain a restricted telnet shell with limited allowed commands. An authenticated attacker can chain unauthorized commands through authorized commands in order to bypass the command whitelisting. Description CWE-78: Improper Neutralization of Special Elements used...