Arbitrary Command Execution via Password Field in D-Link DCS-2121 Camera Firmware 1.04
CVE-2010-4964 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon injection" vulnerability.
Learn more about our Web Application Penetration Testing UK.