CVE-2013-10050HIGHCVSS 8.7≥ *, ≤ 1.052025-08-01
CVE-2013-10050 [HIGH] CWE-78 CVE-2013-10050: An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (
An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exp
cvelistv5nvd