NuytsTech Security

CVE-2020-6841

by ·

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.

Date published : 2020-02-21

https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10152

https://gist.github.com/jezzaaa/38c752d0a129576b2cc523ce6325050f

Tags: