Command Injection Vulnerability in D-Link DIR-878 Router
CVE-2019-8316
8.8HIGH
What is CVE-2019-8316?
A command injection vulnerability on D-Link DIR-878 devices allows remote attackers to execute arbitrary commands via specially crafted /HNAP1 POST requests. This occurs due to inadequate input validation in the SetWebFilterSettings API function, particularly when untrusted data is processed, leading to potential unauthorized access and control of the device.