Lucene search

K
zdiAnonymousZDI-22-1223
HistorySep 14, 2022 - 12:00 a.m.

D-Link DIR-2150 xupnpd_generic Plugin Command Injection Remote Code Execution Vulnerability

2022-09-1400:00:00
Anonymous
www.zerodayinitiative.com
14
d-link dir-2150
xupnpd_generic plugin
remote code execution
vulnerability
command injection
network-adjacent attackers
authentication bypass
tcp port 4044
system call
service account

EPSS

0.001

Percentile

39.6%

This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the xupnpd service, which listens on TCP port 4044 by default. When parsing the feed parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account.

EPSS

0.001

Percentile

39.6%