cpe:/o:d-link:dir-816_a2_firmware:1.10_b05 CVE-2018-17068 2018-09-15T17:29:00.880-04:00 2019-10-02T20:03:26.223-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2018-11-05T10:43:28.517-05:00 MISC https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_1 An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum parameter.