CVE-2020-27600

CVE-2020-27600

EPSS 13.9%

HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows remote attackers to execute arbitrary commands via shell metacharacters in the ssid0 or ssid1 parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/pwnninja/dlink/blob/main/DIR-846_SetMasterWLanSettingsCI.md https://www.dlink.com https://www.dlink.com/en/security-bulletin/