D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.
History

Wed, 20 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link di-8400 Firmware
Weaknesses CWE-77
CPEs cpe:2.3:o:d-link:di-8400_firmware:16.07.26a1:*:*:*:*:*:*:*
Vendors & Products D-link
D-link di-8400 Firmware
Metrics cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 20 Nov 2024 18:00:00 +0000

Type Values Removed Values Added
Description D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-11-20T00:00:00

Updated: 2024-11-20T19:25:01.549Z

Reserved: 2024-11-15T00:00:00

Link: CVE-2024-52739

cve-icon Vulnrichment

Updated: 2024-11-20T19:22:06.551Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-20T18:15:23.393

Modified: 2024-11-21T13:57:24.187

Link: CVE-2024-52739

cve-icon Redhat

No data.