ГлавнаяУязвимости → CVE-2024-48631
8высокая

CVE-2024-48631

Описание

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

Затрагиваемое ПО
Dlink Dir-882 firmwareDlink Dir-882Dlink Dir-878 firmwareDlink Dir-878
CVSS
Балл8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/pjqwudi1/my_vuln/blob/main/D-link4/vuln_32/32.mdhttps://www.dlink.com/en/security-bulletin/