D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.
Metrics
Affected Vendors & Products
References
History
Thu, 17 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dlink
Dlink dir-878 Firmware Dlink dir-882 Firmware |
|
Weaknesses | CWE-78 | |
CPEs | cpe:2.3:o:dlink:dir-878_firmware:1.30b08:*:*:*:*:*:*:* cpe:2.3:o:dlink:dir-882_firmware:1.30b06:*:*:*:*:*:*:* |
|
Vendors & Products |
Dlink
Dlink dir-878 Firmware Dlink dir-882 Firmware |
|
Metrics |
cvssV3_1
|
Thu, 17 Oct 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-17T00:00:00
Updated: 2024-10-17T19:03:55.490Z
Reserved: 2024-10-08T00:00:00
Link: CVE-2024-48635
Vulnrichment
Updated: 2024-10-17T19:02:56.371Z
NVD
Status : Awaiting Analysis
Published: 2024-10-17T18:15:08.573
Modified: 2024-10-18T12:52:33.507
Link: CVE-2024-48635
Redhat
No data.