Françoa Taffarel Rosário Corrêa

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-846 version FW100A53DBR **Description** A critical vulnerability was found in the D-Link DIR-846 router, affecting an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the `smartqos express devices` and `smartqos normal devices` arguments leads to deserialization, allowing an attacker to initiate the attack remotely by sending a specially crafted POST request. The exploit has been disclosed to the public and may be used. **Recommendations** As a temporary workaround, consider disabling the QoS POST Handler until a patch is available. Restrict access to the /HNAP1/ file to minimize the risk of exploitation. Avoid using the `smartqos express devices` and `smartqos normal devices` arguments in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-846 Firmware FW100A53DBR **Description** The issue is related to a remote command execution vulnerability via the `lan(0) dhcps staticlist` parameter. This vulnerability can be exploited through a crafted POST request, allowing a remote attacker to execute arbitrary commands. The vulnerability is due to the lack of proper sanitization of special elements used in the operating system command when processing the `lan(0) dhcps staticlist` parameter. **Recommendations** For D-Link DIR-846 Firmware FW100A53DBR, as a temporary workaround, consider disabling the `lan(0) dhcps staticlist` parameter until a patch is available. Restrict access to the vulnerable parameter to minimize the risk of exploitation. Avoid using the `lan(0) dhcps staticlist` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.