CVE-2024-10915 | D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L up to 20241028 account_mgr.cgi?cmd=cgi_user_add group os command injection

Çağlar Arlı - 2 Views

CVE-2024-10915 | D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L up to 20241028 account_mgr.cgi?cmd=cgi_user_add group os command injection

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument group leads to os command injection. This vulnerability is handled as CVE-2024-10915. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

P	S	Ç	P	C	C	P
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30

Annanowa

CVE-2024-10915 | D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L up to 20241028 account_mgr.cgi?cmd=cgi_user_add group os command injection

CVE-2024-10915 | D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L up to 20241028 account_mgr.cgi?cmd=cgi_user_add group os command injection

Son Yazılar

Son Yorumlar