The vulnerability of the onUploadLogPic component of the software controller allows for the insertion of arbitrary HTML code by intruders, enabling them to manipulate wireless networks through the D-Link Central WiFi Manager.

The vulnerability of the onUploadLogPic component of the software controller for D-Link Central WiFi Manager’s centralized wireless network management system is related to insufficient restrictions on file uploads. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML co...

D-Link Central WiFi Manager Arbitrary Code Execution Vulnerability

D-Link Central WiFi Manager is a WiFi management system from AUO D-Link. A security vulnerability exists in the onUploadLogPic endpoint in versions prior to D-Link Central WiFi Manager 1.03r0100-Beta1. The vulnerability can be exploited by remote attackers to execute arbitrary PHP code with the...

CVE-2018-17442

An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code...

PT-2018-2074 · D Link · D-Link Central Wifi Manager

Name of the Vulnerable Software and Affected Versions: D-Link Central WiFi Manager versions prior to 1.03r0100-Beta1 Description: The issue is related to an unrestricted file upload vulnerability in the "onUploadLogPic" endpoint, which allows remote authenticated users to execute arbitrary PHP...