Name of the Vulnerable Software and Affected Versions:

D-Link DCS-2530L versions prior to 1.06.01 Hotfix

D-Link DCS-2670L versions prior to 2.03

Description:

An issue was discovered that allows authenticated command injection through the cgi-bin/ddns enc.cgi endpoint.

Recommendations:

For D-Link DCS-2530L versions prior to 1.06.01 Hotfix, update to version 1.06.01 Hotfix or later.

For D-Link DCS-2670L versions prior to 2.03, update to version 2.03 or later.