[webapps] D-Link DIR-650IN - Authenticated Command Injection
ATT&CK techniques detected
T1190 Exploit Public-Facing Application
86%
“[ webapps ] d - link dir - 650in - authenticated command injection # exploit title : d - link dir - 650in - authenticated command injection # date : 2023 - 01 - 08 # exploit author : sanjay singh # vendor homepage : https : / / www. dlink. com # software link : https : / / dlinkm…”
T1059.004 Unix Shell
52%
“: 0 : 0 : root : / : / bin / sh nobody : x : 0 : 0 : nobody : / : / dev / null references : https : / / www. dlink. com https : / / dlinkmea. com / index. php / product / details? det = t082avduwufnr2frblbbquxmwlvtzz09”
T1190 Exploit Public-Facing Application
51%
“- privilege access ) to inject os commands. exploitation leads to full compromise of the router, including reading sensitive system files such as / etc / passwd. steps to reproduce : 1. log in to the router web interface. 2. go to management → diagnostic. 3. select ping or tracer…”
T1068 Exploitation for Privilege Escalation
50%
“- privilege access ) to inject os commands. exploitation leads to full compromise of the router, including reading sensitive system files such as / etc / passwd. steps to reproduce : 1. log in to the router web interface. 2. go to management → diagnostic. 3. select ping or tracer…”
Summary
D-Link DIR-650IN - Authenticated Command Injection