First published: Thu Mar 11 2021(Updated: )
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-3060 Firmware | <=1.11b04 | |
Dlink Dir-3060 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.