CVE-2017-17020HIGHCVSS 8.8PoC≤ 1.14.092018-05-01
CVE-2017-17020 [HIGH] CWE-78 CVE-2017-17020: On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09
On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in
nvd