Vulnerability Details CVE-2016-11021
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.904
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 9.0
Proposed Action
setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.
Ransomware Campaign
Unknown
Products affected by CVE-2016-11021
-
cpe:2.3:h:dlink:dcs-930l:-
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.00
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.02
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.04
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.05
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.06
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.08
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.09
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.12.03
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.14
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.14.02
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.15.04
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.16.04
-
cpe:2.3:o:dlink:dcs-930l_firmware:1.27
-
cpe:2.3:o:dlink:dcs-930l_firmware:2.01