10
CVE-2013-5946
- EPSS 6.25%
- Veröffentlicht 19.12.2013 04:24:51
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "Ping or Trace an IP Address" or (2) "Perform a DNS Lookup" section.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dlink ≫ Dsr-500 Firmware Version <= 1.08b51
Dlink ≫ Dsr-500 Firmware Version1.02b11
Dlink ≫ Dsr-500 Firmware Version1.02b25
Dlink ≫ Dsr-500 Firmware Version1.03b12
Dlink ≫ Dsr-500 Firmware Version1.03b23
Dlink ≫ Dsr-500 Firmware Version1.03b27
Dlink ≫ Dsr-500 Firmware Version1.03b36
Dlink ≫ Dsr-500 Firmware Version1.03b43
Dlink ≫ Dsr-500 Firmware Version1.04b58
Dlink ≫ Dsr-500 Firmware Version1.06b43
Dlink ≫ Dsr-500 Firmware Version1.06b53
Dlink ≫ Dsr-150n Firmware Version <= 1.05b48
Dlink ≫ Dsr-250n Firmware Version <= 1.08b39
Dlink ≫ Dsr-250n Firmware Version1.01b46
Dlink ≫ Dsr-250n Firmware Version1.01b56
Dlink ≫ Dsr-250n Firmware Version1.05b20
Dlink ≫ Dsr-250n Firmware Version1.05b53
Dlink ≫ Dsr-250n Firmware Version1.08b31
Dlink ≫ Dsr-1000 Firmware Version <= 1.08b51
Dlink ≫ Dsr-1000 Firmware Version1.01b50
Dlink ≫ Dsr-1000 Firmware Version1.02b11
Dlink ≫ Dsr-1000 Firmware Version1.02b25
Dlink ≫ Dsr-1000 Firmware Version1.03b12
Dlink ≫ Dsr-1000 Firmware Version1.03b23
Dlink ≫ Dsr-1000 Firmware Version1.03b27
Dlink ≫ Dsr-1000 Firmware Version1.03b36
Dlink ≫ Dsr-1000 Firmware Version1.03b43
Dlink ≫ Dsr-1000 Firmware Version1.04b58
Dlink ≫ Dsr-1000 Firmware Version1.06b43
Dlink ≫ Dsr-1000 Firmware Version1.06b53
Dlink ≫ Dsr-150 Firmware Version <= 1.08b29
Dlink ≫ Dsr-150 Firmware Version1.05b29
Dlink ≫ Dsr-150 Firmware Version1.05b35
Dlink ≫ Dsr-150 Firmware Version1.05b46
Dlink ≫ Dsr-150 Firmware Version1.05b50
Dlink ≫ Dsr-250 Firmware Version <= 1.08b39
Dlink ≫ Dsr-250 Firmware Version1.01b46
Dlink ≫ Dsr-250 Firmware Version1.01b56
Dlink ≫ Dsr-250 Firmware Version1.05b20
Dlink ≫ Dsr-250 Firmware Version1.05b53
Dlink ≫ Dsr-250 Firmware Version1.08b31
Dlink ≫ Dsr-1000n Firmware Version <= 1.08b51
Dlink ≫ Dsr-1000n Firmware Version1.01b50
Dlink ≫ Dsr-1000n Firmware Version1.02b11
Dlink ≫ Dsr-1000n Firmware Version1.02b25
Dlink ≫ Dsr-1000n Firmware Version1.03b12
Dlink ≫ Dsr-1000n Firmware Version1.03b23
Dlink ≫ Dsr-1000n Firmware Version1.03b27
Dlink ≫ Dsr-1000n Firmware Version1.03b36
Dlink ≫ Dsr-1000n Firmware Version1.03b43
Dlink ≫ Dsr-1000n Firmware Version1.04b58
Dlink ≫ Dsr-1000n Firmware Version1.06b43
Dlink ≫ Dsr-1000n Firmware Version1.06b53
Dlink ≫ Dsr-500n Firmware Version <= 1.08b51
Dlink ≫ Dsr-500n Firmware Version1.02b11
Dlink ≫ Dsr-500n Firmware Version1.02b25
Dlink ≫ Dsr-500n Firmware Version1.03b12
Dlink ≫ Dsr-500n Firmware Version1.03b23
Dlink ≫ Dsr-500n Firmware Version1.03b27
Dlink ≫ Dsr-500n Firmware Version1.03b36
Dlink ≫ Dsr-500n Firmware Version1.03b43
Dlink ≫ Dsr-500n Firmware Version1.04b58
Dlink ≫ Dsr-500n Firmware Version1.06b43
Dlink ≫ Dsr-500n Firmware Version1.06b53
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.25% | 0.905 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.