daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2018-10823.yaml

patch-1
Prince Chaddha 2022-06-20 21:20:55 +05:30 committed by GitHub
parent 902db59ed9
commit b0e82f9181
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves/2018/CVE-2018-10823.yaml
View File

@ -4,7 +4,8 @@ info:
name: D-Link Routers - Remote Command Injection
author: wisnupramoedya
severity: high
description: D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals.
description: |
D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals.
reference:
- https://www.exploit-db.com/exploits/45676
- https://nvd.nist.gov/vuln/detail/CVE-2018-10823