CVE-2015-5536
CVE-2015-5536
Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://www.belkin.com/us/support-article?articleNum=4975http://www.securityfocus.com/bid/75978http://www.securitytracker.com/id/1033295http://www.zerodayinitiative.com/advisories/ZDI-15-343/http://www.zerodayinitiative.com/advisories/ZDI-15-344/http://www.zerodayinitiative.com/advisories/ZDI-15-346/http://www.zerodayinitiative.com/advisories/ZDI-15-347/http://www.zerodayinitiative.com/advisories/ZDI-15-348/http://www.zerodayinitiative.com/advisories/ZDI-15-349/http://www.zerodayinitiative.com/advisories/ZDI-15-350/http://www.zerodayinitiative.com/advisories/ZDI-15-351/