In DLink DAP-1360 F1 firmware version <=v6.10 in the "webupg" binary, an attacker can use the "file" parameter to execute arbitrary system commands when the parameter is "name=deleteFile" after being authorized.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-27T19:39:54
Updated: 2024-08-04T04:17:23.576Z
Reserved: 2021-11-22T00:00:00
Link: CVE-2021-44127
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-03-27T20:15:09.240
Modified: 2022-04-04T12:54:21.547
Link: CVE-2021-44127
Redhat
No data.