NuytsTech Security

CVE-2019-13481

by ·

An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MTU field to SetWanSettings.

Date published : 2019-07-10

http://www.securityfocus.com/bid/109131

https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-3.pdf

Tags: