D-Link DIR-600/DIR 300 Remote Code Execution Vulnerabilities Network Vulnerability

Summary

D-Link DIR-600 and DIR 300 products are prone to a remote code- execution vulnerability. Successful exploits will result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. The following products are affected: DIR-300: Firmware Version : 2.12 - 18.01.2012 Firmware Version : 2.13 - 07.11.2012 DIR-600: Firmware-Version : 2.12b02 - 17/01/2012 Firmware-Version : 2.13b01 - 07/11/2012 Firmware-Version : 2.14b01 - 22/01/2013

References

http://packetstormsecurity.com/files/120052/D-Link-DIR-600-DIR-300-Command-Execution-Bypass-Disclosure.html

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

AlefMentor Multiple SQL Injection Vulnerabilities
Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14
Athena Web Registration remote command execution flaw
Assesi 'bg' Parameter SQL Injection vulnerability
Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities

Take action and discover your vulnerabilities