CVE-2018-17787

On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.
References
Link Resource
https://xz.aliyun.com/t/2834 Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2018-10-02 06:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-17787

Mitre link : CVE-2018-17787

Products Affected
CWE