Name of the Vulnerable Software and Affected Versions:

D-Link DI-8100G version 17.12.20A1

Description:

The issue is related to a command injection vulnerability via the `sub47A60C` function in the `upgrade filter.asp` file. This vulnerability is associated with the failure to neutralize special elements used in the operating system command, which can allow a remote attacker to execute arbitrary commands.

Recommendations:

For D-Link DI-8100G version 17.12.20A1, consider disabling the `sub47A60C` function in the `upgrade filter.asp` file as a temporary workaround until a patch is available. Restrict access to the `upgrade filter.asp` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.