What is CVE-2015-2049?

CVE-2015-2049 is a vulnerability in Dlink Dcs-931l. Published 2015-02-23.

Is CVE-2015-2049 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Dlink Dcs-931l

CVE-2015-2049

Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.

EPSS: 0.845 (99.3th percentile) — read the EPSS interpretation.

Affected products

Dlink Dcs-931l
Dlink Dcs-931l_firmware
N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cvemon

References

39192 (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
VU#377348 (x_refsource_CERT-VN, US Government Resource, Third Party Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2015-2049?: CVE-2015-2049 is a vulnerability in Dlink Dcs-931l. Published 2015-02-23.
Is CVE-2015-2049 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.