Threat Encyclopedia

D-Link.Central.WiFiManager.FTP.Server.PHP.File.Upload

description-logoDescription

This indicates an attack attempt to exploit an Code Execution Vulnerability in D-Link Central WiFiManager.
The vulnerability is due to hard-coded credentials in the FTP server. A remote attacker can exploit this to upload and execute arbitrary php code on affected devices.

affected-products-logoAffected Products

D-Link Central WiFi Manager before v 1.03r0100-Beta1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's advisory for updates:
https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10092