The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/130607/D-Link-DIR636L-Remote-Command-Injection.html | Issue Tracking Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/131465/D-Link-TRENDnet-NCC-Service-Command-Injection.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2015/Mar/15 | Issue Tracking Mailing List Third Party Advisory |
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10052 | Permissions Required Vendor Advisory |
http://www.securityfocus.com/bid/72848 | Third Party Advisory VDB Entry |
https://github.com/darkarnium/secpub/tree/master/Multivendor/ncc2 | Issue Tracking Mitigation Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-21T16:00:00
Updated: 2017-09-21T15:57:01
Reserved: 2015-01-17T00:00:00
Link: CVE-2015-1187
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-09-21T16:29:00.147
Modified: 2023-11-08T20:19:37.313
Link: CVE-2015-1187
JSON object: View
Redhat Information
No data.
CWE