This Metasploit module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This Metasploit module has been successfully tested on D-Link DSP-W110A1_FW105B01 in emulated environment.
0775e7d0aff2f6e2825635c995a83bb54708fc9752c08058d2dc8f04aed2e87c