CVE-2018-25120
D-Link DNS-343 ShareCenter <= 1.05 Command Injection via /goform/Mail_Test
D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a command injection vulnerability in the Mail Test functionality. The web maintenance script posts to the internal goForm endpoint '/goform/Mail_Test' and uses several form parameters directly in a call to a system email utility without proper input validation. An unauthenticated remote attacker can supply crafted form data that injects shell commands, resulting in execution as root on the device. NOTE: The DNS-343 product line has been declared end-of-life.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
D-Link · DNS-343 ShareCenterpublic PoCs found — 3
cve_referencegithub.com/jamesbercegay/advisories/blob/master/%5BGTSA-00128%5D%20D-Link%20DNS-343%20ShareCenter%201.05%20Remote%20Root.txtunverifiedcve_referenceqkl.seebug.org/vuldb/ssvid-97088unverifiedcve_referencewww.exploit-db.com/exploits/43845unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://github.com/jamesbercegay/advisories/blob/master/%5BGTSA-00128%5D%20D-Link%20DNS-343%20ShareCenter%201.05%20Remote%20Root.txthttps://qkl.seebug.org/vuldb/ssvid-97088https://www.dlink.com/al/sq/products/dns-343-sharecenter-4-bay-network-storage-enclosurehttps://www.exploit-db.com/exploits/43845https://www.vulncheck.com/advisories/dlink-dns343-sharecenter-command-injection-via-goform-mail-test