Full title: D-Link DIR-859 Unauthenticated Remote Command Execution Exploit 
Category: remote exploits
Platform: hardware
D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.

# 0day.today @ http://0day.today/