CVE-2019-16057 – D-Link DNS-320 Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2019-16057

The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection. El archivo script login_mgr.cgi en D-Link DNS-320 versiones hasta 2.05.B10, es vulnerable a la inyección de comandos remota. The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution. • https://blog.cystack.net/d-link-dns-320-rce https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •