19Eyl
CVE-2024-9004 | D-Link DAR-7000 up to 20240912 Backup_Server_commit.php host os command injection (SAP10354)
A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/Backup_Server_commit.php. The manipulation of the argument host leads to os command injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2024-9004. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to replace the affected component with an alternative.