2 matches found
The vulnerability in the `system_mgr.cgi` script of the D-Link DNS-320 network storage software allows a hacker to execute arbitrary code.
The vulnerability in the systemmgr.cgi script of the D-Link DNS-320 FW network storage software is related to errors in eliminating certain elements in the OS command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2021-26097
An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTT...