CVE-2024-22651

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 24, 2024

Updated: Jan 30, 2024

CWE ID 77

Summary

CVE-2024-22651 refers to a command injection vulnerability discovered in the ssdpcgi_main function of the cgibin binary present in D-Link DIR-815 router firmware version 1.04. An attacker can exploit this flaw by injecting malicious commands, potentially gaining elevated privileges and compromising the affected device. This vulnerability poses a significant risk to network security and requires immediate attention from users running the affected firmware version. It is highly recommended that users upgrade to the latest available firmware version to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

D LINK SYSTEMS INC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uGxjZ9
https://www.cve.org/CVERecord?id=CVE-2024-22651
https://nvd.nist.gov/vuln/detail/CVE-2024-22651

Back to Vulnerability Database

CVE-2024-22651

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations