First published: Wed Sep 13 2017(Updated: )
The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root because /etc/services/INET/inet_ipv4.php mishandles shell metacharacters, affecting generated files such as WAN-1-udhcpc.sh.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-850l Firmware | <fw114wwb07_h2ab | |
Dlink Dir-850l Firmware | =fw114wwb07_h2ab-beta1 | |
Dlink Dir-850l | ||
Dlink Dir-850l Firmware | <=fw208wwb02 | |
D-link Dir-850l Firmware | <=fw114wwb07_h2ab | |
D-link Dir-850l Firmware | <=fw208wwb02 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.