Nguyen Van Chung

#15259 of 53,633
17.6 Total CVSS
Vulnerabilities · 2
High
2
PT-2019-15883
8.8
2019-12-05
D Link · Dap-1860 · CVE-2019-19597
**Name of the Vulnerable Software and Affected Versions**
D-Link DAP-1860 versions prior to v1.04b03 Beta

**Description**
The issue allows for arbitrary remote code execution as root without authentication. This is achieved via shell metacharacters within an HNAP AUTH HTTP header.

**Recommendations**
For versions prior to v1.04b03 Beta, update to v1.04b03 Beta or later to resolve the issue.
PT-2019-15884
8.8
2019-12-05
D Link · D-Link Dap-1860 · CVE-2019-19598
**Name of the Vulnerable Software and Affected Versions**
D-Link DAP-1860 versions prior to v1.04b03 Beta

**Description**
The issue allows access to administrator functions without authentication by manipulating the HNAP AUTH header timestamp value in HTTP requests. This value is compared to the one stored in the device's /var/hnap/timestamp file. If the two values match, the request passes the authentication check.

**Recommendations**
For versions prior to v1.04b03 Beta, update to version v1.04b03 Beta or later to resolve the issue. As a temporary workaround, consider restricting access to the device's administrator functions until the update can be applied.