D-Link DIR-645 router Remote Arbitrary Command Execution Vulnerability (CVE-2015-2051)
D-Link DIR-645 router Remote Arbitrary Command Execution Vulnerability (CVE-2015-2051)
Release date:
Updated on:
Affected Systems:
D-Link DIR-645 <= 1.04b12
Description:
Bugtraq id: 74870
CVE (CAN) ID: CVE-2015-2051
D-Link DIR-645 is a smart wireless router.
D-Link DIR-645 router Rev. Ax firmware 1.04b12 and earlier versions, there is a arbitrary command execution vulnerability, remote attackers through the HNAP interface GetDeviceSettings operation, attackers can execute arbitrary commands.
<* Source: vendor
*>
Suggestion:
Vendor patch:
D-Link
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://securityadvisories.dlink.com/security/publication.aspx? Name = SAP10051
This article permanently updates the link address: