A vulnerability has been found in D-Link DIR-816 A2 1.10CNB04 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setDeviceSettings of the component Web Interface. The manipulation of the argument statuscheckpppoeuser leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252139.
Metrics
Affected Vendors & Products
References
History
Fri, 18 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
D-link
D-link dir-816 A2 |
|
CPEs | cpe:2.3:h:d-link:dir-816_a2:-:*:*:*:*:*:*:* | |
Vendors & Products |
D-link
D-link dir-816 A2 |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-01-26T13:31:04.255Z
Updated: 2024-10-18T14:58:48.240Z
Reserved: 2024-01-26T08:01:36.041Z
Link: CVE-2024-0921
Vulnrichment
Updated: 2024-08-01T18:18:19.067Z
NVD
Status : Modified
Published: 2024-01-26T14:15:50.237
Modified: 2024-11-21T08:47:44.897
Link: CVE-2024-0921
Redhat
No data.