Remote Command Execution Vulnerability in D-Link DSL2730U Router
CVE-2012-5966

Currently unrated

Key Information:

Vendor: D-Link
Status: Dsl-2730u
Vendor: CVE Published:; 13 December 2012

What is CVE-2012-5966?

The D-Link DSL2730U router contains a vulnerability in its restricted telnet shell that allows remote authenticated users to circumvent established command restrictions. By exploiting shell metacharacters that follow whitelisted commands, attackers can execute unauthorized commands, potentially compromising the device and the network it serves. This vulnerability underscores the importance of securing router configurations and applying necessary firmware updates.

References

http://www.kb.cert.org/vuls/id/876780

third-party-advisoryx_refsource_CERT-VN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 13, 2012