D-Link DCS-931L Arbitrary File Upload

Posted by deepcore on January 7, 2016 – 12:57 am

This Metasploit module exploits a file upload vulnerability in D-Link DCS-931L network cameras. The setFileUpload functionality allows authenticated users to upload files to anywhere on the file system, allowing system files to be overwritten, resulting in execution of arbitrary commands. This Metasploit module has been tested successfully on a D-Link DCS-931L with firmware versions 1.01_B7 (2013-04-19) and 1.04_B1 (2014-04-21). D-Link DCS-930L, DCS-932L, DCS-933L models are also reportedly affected, but untested.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [webapps] – AVM FRITZ!Box < 6.30 – Buffer Overflow [shellcode] – x86_64 Linux Egghunter – 18 bytes »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

D-Link DCS-931L Arbitrary File Upload

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL