Vulnerability Details CVE-2015-2049
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.829
EPSS Ranking 99.2%
CVSS Severity
CVSS v2 Score 9.0
References
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10049
- http://www.kb.cert.org/vuls/id/377348
- https://www.exploit-db.com/exploits/39192/
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10049
- http://www.kb.cert.org/vuls/id/377348
- https://www.exploit-db.com/exploits/39192/
Products affected by CVE-2015-2049
-
cpe:2.3:h:dlink:dcs-931l:-
-
cpe:2.3:o:dlink:dcs-931l_firmware:1.04