3 matches found
The vulnerability of the CGI script “info.cgi” in the microprogramming software of D-Link devices such as DNS-320L, DNS-320LW, and DNS-327L allows a hacker to execute arbitrary code.
The vulnerability of the CGI script in the info.cgi microprogramming system of D-Link’s DNS-320L, DNS-320LW, and DNS-327L devices is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted HTTP GET...
Synology DiskStation Manager Cross-Site Scripting Vulnerability (CNVD-2019-03275)
Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology. The operating system manages information such as data, files, photos, music, and more. A cross-site scripting vulnerability exists in the info.cgi file in Synology DSM versions prior to...
CVE-2018-8918
Cross-site scripting XSS vulnerability in info.cgi in Synology Router Manager SRM before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter...