An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings.Referenceshttps://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-4.pdfhttp://www.securityfocus.com/bid/109131
