D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to execute arbitrary commands via shell.
2024-04-26T18:15:46.467
2025-05-21T12:51:29.240
Analyzed
CVSSv3.1: 9.8 (CRITICAL)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | dlink | dir-822\+_firmware | 1.05 | Yes |
Hardware | dlink | dir-822\+ | - | No |