CVE-2024-8461

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 5, 2024
CWE ID 200

Summary

CVE-2024-8461 is a vulnerability affecting the D-Link DNS-320 device, specifically in the Web Management Interface's /cgi-bin/discovery.cgi file, leading to potential information disclosure. This vulnerability can be exploited remotely and has been publicly disclosed, posing a medium risk as it allows for low-level confidentiality impact with no integrity or availability concerns. The affected product is no longer supported by the vendor, which has confirmed its end-of-life status. Organizations using this product are advised to retire and replace it to mitigate the associated risks. The CVSS base score for this vulnerability is 5.3, indicating a moderate severity level that should be addressed promptly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share