2 matches found
PT-2022-19307 · Totolink · Totolink N600R
Name of the Vulnerable Software and Affected Versions: TOTOLink N600R version V5.3c.7159 B20190425 Description: A command injection issue was discovered via the filename parameter in the "/setting/setUpgradeFW" API endpoint. This allows for potential exploitation. Recommendations: For TOTOLink...
PT-2020-10482 · D Link · D-Link Dwl-2600Ap
Name of the Vulnerable Software and Affected Versions: D-Link DWL-2600AP version 4.2.0.15 Rev A Description: The issue is an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface. This can be exploited by using shell metacharacters in the...