Raki Ben Hamouda

**Name of the Vulnerable Software and Affected Versions** D-Link DWL-2600AP version 4.2.0.15 Rev A **Description** The issue is an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface. This can be exploited by using shell metacharacters in the `configRestore` or `configServerip` parameter of the `admin.cgi?action=config restore` endpoint. **Recommendations** For D-Link DWL-2600AP version 4.2.0.15 Rev A, as a temporary workaround, consider restricting access to the Restore Configuration functionality in the Web interface until a patch is available. Avoid using shell metacharacters in the `configRestore` or `configServerip` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DWL-2600AP version 4.2.0.15 Rev A **Description** The issue is an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface. This can be exploited by using shell metacharacters in the `firmwareRestore` or `firmwareServerip` parameter of the `admin.cgi?action=upgrade` endpoint, such as "/api/admin.cgi?action=upgrade". **Recommendations** For D-Link DWL-2600AP version 4.2.0.15 Rev A, as a temporary workaround, consider restricting access to the `admin.cgi?action=upgrade` endpoint until a patch is available. Avoid using shell metacharacters in the `firmwareRestore` or `firmwareServerip` parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Comtrend VR-3033 DE11-416SSG-C01 R02.A2pvI042j1.d26m **Description** The issue concerns Multiple Authenticated Command Injection vulnerabilities. These vulnerabilities can be exploited via the ping and traceroute diagnostic pages. Specifically, the `pingIpAddress` parameter to `ping.cgi` is vulnerable to shell metacharacters. **Recommendations** For Comtrend VR-3033 DE11-416SSG-C01 R02.A2pvI042j1.d26m, as a temporary workaround, consider restricting access to the ping and traceroute diagnostic pages until a patch is available. Avoid using the `pingIpAddress` parameter in the affected `ping.cgi` endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DWL-2600AP version 4.2.0.15 Rev A **Description** The issue is related to an authenticated OS command injection vulnerability in the Save Configuration functionality of the Web interface. This vulnerability can be exploited by using shell metacharacters in the `admin.cgi?action=config save` `configBackup` or `downloadServerip` parameter. The exploitation of this vulnerability may allow an attacker to execute arbitrary commands. **Recommendations** For D-Link DWL-2600AP version 4.2.0.15 Rev A, as a temporary workaround, consider disabling the Save Configuration functionality in the Web interface until a patch is available. Restrict access to the `admin.cgi?action=config save` endpoint to minimize the risk of exploitation. Avoid using the `configBackup` and `downloadServerip` parameters in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.