Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-2049

4 documents4 sources
Severity
9.0CRITICAL
EPSS
82.9%
top 0.75%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Dlink Dcs-931l Firmware
Timeline
PublishedFeb 23
Latest updateMay 17

Description

Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-2w2w-m9f2-6x9q: Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 12022-05-17
CVEList
CVE-2015-2049: Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 12015-02-23

💥Exploits & PoCs

1
Exploit-DB
D-Link DCS-931L - Arbitrary File Upload (Metasploit)2016-01-07
CVE-2015-2049 (CRITICAL CVSS 9) | Unrestricted file upload vulnerabil | cvebase.io