Name of the Vulnerable Software and Affected Versions:

D-Link DI-500WF version 14.04.10A1T

Description:

A security issue has been identified in D-Link DI-500WF. The vulnerability resides in an unknown function within the `/version upgrade.asp` file of the `jhttpd` component. Manipulation of the `path` argument can lead to os command injection, allowing for remote exploitation. The exploit has been publicly disclosed.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.