← voltar
CVE-2015-5536

CVE-2015-5536

EPSS 3.4%
Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://www.belkin.com/us/support-article?articleNum=4975http://www.securityfocus.com/bid/75978http://www.securitytracker.com/id/1033295http://www.zerodayinitiative.com/advisories/ZDI-15-343/http://www.zerodayinitiative.com/advisories/ZDI-15-344/http://www.zerodayinitiative.com/advisories/ZDI-15-346/http://www.zerodayinitiative.com/advisories/ZDI-15-347/http://www.zerodayinitiative.com/advisories/ZDI-15-348/http://www.zerodayinitiative.com/advisories/ZDI-15-349/http://www.zerodayinitiative.com/advisories/ZDI-15-350/http://www.zerodayinitiative.com/advisories/ZDI-15-351/