Remote Command Execution in Belkin N300 Dual-Band Wi-Fi Range Extender Firmware

Remote Command Execution in Belkin N300 Dual-Band Wi-Fi Range Extender Firmware

CVE-2015-5536 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request.

Learn more about our User Device Pen Test.