CVE-2024-7833
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 15, 2024
Updated: Aug 19, 2024
CWE ID 77
Summary
CVE-2024-7833 is a critical vulnerability affecting D-Link DI-8100 devices running firmware version 16.07. This issue lies in the function upgrade_filter_asp of the file upgrade_filter.asp, where a command injection vulnerability exists. An attacker can manipulate the argument path to inject malicious commands, potentially gaining unauthorized access and control. The exploit is publicly disclosed, increasing the risk of remote attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- D LINK SYSTEMS INC