The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.Referenceshttp://securityadvisories.dlink.com/security/publication.aspx?name=SAP10051https://www.exploit-db.com/exploits/37171/http://www.securityfocus.com/bid/72623http://www.securityfocus.com/bid/74870https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10282
