D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.
2024-10-17T18:15:08.323
2025-05-07T16:06:51.717
Analyzed
CVSSv3.1: 8.0 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | dlink | dir-882_firmware | 1.30b06 | Yes |
Hardware | dlink | dir-882 | - | No |
Operating System | dlink | dir-878_firmware | 1.30b08 | Yes |
Hardware | dlink | dir-878 | - | No |