Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:DLINK-CVE-2015-1187-CMD-IN |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
D-Link DIR-636L CVE-2015-1187 Remote Command Injection |
Release Date |
2019/02/03 |
Update Number |
3139 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: D-Link DIR-636L CVE-2015-1187 Remote Command Injection
This signature detects attempts to exploit a known vulnerability against D-LInk DIR-636L. Successful attack could lead to Command Injection.
Extended Description
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
Affected Products
- D-link dir-626l_firmware 1.04
- D-link dir-636l_firmware 1.04
- D-link dir-651_firmware 1.10na
- D-link dir-808l_firmware 1.03
- D-link dir-810l_firmware 1.01
- D-link dir-810l_firmware 2.02
- D-link dir-820l_firmware 1.02
- D-link dir-820l_firmware 1.05
- D-link dir-820l_firmware 2.01
- D-link dir-826l_firmware 1.00
- D-link dir-830l_firmware 1.00
- D-link dir-836l_firmware 1.01
- Trendnet tew-651br_firmware -
- Trendnet tew-652br_firmware -
- Trendnet tew-711br_firmware 1.00
- Trendnet tew-731br_firmware 2.01
- Trendnet tew-810dr_firmware 1.00
- Trendnet tew-813dru_firmware 1.00
References