header-logo
Suggest Exploit
vendor:
ShareCenter
by:
SecurityFocus
9,8
CVSS
HIGH
Remote Code Execution
78
CWE
Product Name: ShareCenter
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012

D-Link ShareCenter products Remote Code Execution Vulnerabilities

D-Link ShareCenter products are prone to multiple remote code-execution vulnerabilities. Successful exploits will result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. The vulnerable products are D-Link DNS-320 ShareCenter and D-Link DNS-325 ShareCenter. The vulnerable URLs are http://www.example.com/cgi-bin/system_mgr.cgi?cmd=cgi_sms_test&command1=ls, http://www.example.com/cgi-bin/discovery.cgi, and http://www.example.com/cgi-bin/system_mgr.cgi?cmd=get_firm_v_xml.

Mitigation:

Users should apply the latest available updates from the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/51918/info

D-Link ShareCenter products are prone to multiple remote code-execution vulnerabilities.

Successful exploits will result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

The following products are affected:

D-Link DNS-320 ShareCenter
D-Link DNS-325 ShareCenter 

http://www.example.com/cgi-bin/system_mgr.cgi?cmd=cgi_sms_test&command1=ls
http://www.example.com/cgi-bin/discovery.cgi
http://www.example.com/cgi-bin/system_mgr.cgi?cmd=get_firm_v_xml

Navigation

Suggest Exploit

Services By CQR