D-Link DI-500WF OS Command Injection Vulnerability in jhttpd Component

Vulnerability

An OS command injection vulnerability has been identified in the D-Link DI-500WF router running firmware version 14.04.10A1T. The issue arises in the jhttpd component, specifically within an unknown function of the file '/version_upgrade.asp'. The vulnerability allows remote attackers to manipulate the 'path' argument, leading to unauthorized command execution on the operating system.

Impact

Exploitation of this vulnerability allows for arbitrary OS command execution on the affected device.

Reproduction

To reproduce this vulnerability, log into the router's web interface and navigate to the 'version_upgrade.asp' page. Once there, send a request that includes a crafted 'path' parameter. The payload should be designed to execute a command on the router's operating system. After the request is processed, check for the execution of the command, which can be verified by attempting to write to a file or by executing a command that returns a response.
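
A defender-side check for the request described above, added here as an example and not part of the original advisory: it scans web access logs for hits on '/version_upgrade.asp' whose 'path' parameter contains shell metacharacters. The combined log format, the parameter arriving in the query string, and the sample log lines are all assumptions constructed for illustration; if the parameter is sent in a POST body, the same check has to run on captured request bodies instead.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint and parameter named in the advisory.
TARGET_PATH = "/version_upgrade.asp"
TARGET_PARAM = "path"

# Characters a shell treats as separators, substitution or redirection.
# A firmware file path has no legitimate need for any of them.
SHELL_META = re.compile(r"[;&|`$<>\r\n]")

# Client address and request target from a combined-format log line
# (assumed format, e.g. from a reverse proxy in front of the device).
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')


def suspicious_requests(lines):
    """Return (client, decoded_value) for each request to the upgrade page
    whose 'path' parameter carries shell metacharacters after URL decoding."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, _status = m.groups()
        url = urlsplit(target)
        if url.path.lower() != TARGET_PATH:
            continue
        # parse_qs percent-decodes values, so '%3B' and ';' are treated alike.
        values = parse_qs(url.query, keep_blank_values=True).get(TARGET_PARAM, [])
        hits.extend((client, v) for v in values if SHELL_META.search(v))
    return hits


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [31/Aug/2025:21:00:01 +0000] "GET /version_upgrade.asp?path=/tmp/firmware.bin HTTP/1.1" 200 512',
    '198.51.100.7 - - [31/Aug/2025:21:03:44 +0000] "GET /version_upgrade.asp?path=fw.bin%3Becho%20test HTTP/1.1" 200 498',
    '198.51.100.7 - - [31/Aug/2025:21:03:50 +0000] "GET /index.asp?path=a%3Bb HTTP/1.1" 200 1024',
    '203.0.113.5 - - [31/Aug/2025:21:05:12 +0000] "GET /version_upgrade.asp?path=fw.bin%60date%60 HTTP/1.1" 200 498',
]

if __name__ == "__main__":
    for client, value in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {client}: path={value!r}")
```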

Added: Aug 31, 2025, 9:26 PM
Updated: Aug 31, 2025, 9:26 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.6
remediation: 0.0
relevance: 0.4
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.