Dlink: >> Dir-825 >> g1 Security Vulnerabilities
In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification, attackers can use "cmd" parameters to execute arbitrary system commands after obtaining authorization.
CVSS Score
8.8
EPSS Score
0.23
Published
2022-04-27
In the "webupg" binary of D-Link DIR-825 G1, attackers can bypass authentication through parameters "autoupgrade.asp", and perform functions such as downloading configuration files and updating firmware without authorization.
CVSS Score
9.8
EPSS Score
0.087
Published
2022-04-27