A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The…
VulDB·CWE-74·Published 2025-05-08
Eine Schwachstelle wurde in D-Link DIR-605L 2.13B01 ausgemacht. Sie wurde als kritisch eingestuft. Es geht hierbei um die Funktion sub_454F2C. Durch das Manipulieren des Arguments sysCmd mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden.
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The manipulation of the argument sysCmd leads to command injection. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The manipulation of the argument sysCmd leads to command injection. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.
Se encontró una vulnerabilidad en D-Link DIR-605L 2.13B01. Se ha clasificado como crítica. Este problema afecta a la función sub_454F2C. La manipulación del argumento sysCmd provoca la inyección de comandos. El ataque puede ejecutarse en remoto. Se contactó al proveedor con antelación para informarle sobre esta vulnerabilidad. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | cve.org | 6.5 | — | — | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| 2.0 | Primary | cve.org | 6.5 | — | — | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| 2.0 | Secondary | NVD | 6.5 | 8.0 | 6.4 | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| 3.0 | Primary | cve.org | 6.3 | — | — | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| 3.0 | Primary | cve.org | 6.3 | — | — | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| 3.1 | Primary | NVD | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 6.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| 3.1 | Primary | cve.org | 6.3 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| 3.1 | Secondary | NVD | 6.3 | 2.8 | 3.4 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
| 4.0 | Primary | cve.org | 5.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| 4.0 | Primary | cve.org | 5.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| 4.0 | Secondary | NVD | 5.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |