CVE-2024-44381

Summary

CVE-2024-44381 is a critical command execution vulnerability found in the D-Link DI_8004W router, specifically within the jhttpd msp_info_htm function. This flaw allows attackers to execute arbitrary commands remotely without requiring user interaction, posing significant risks to an organization's confidentiality, integrity, and availability. The vulnerability has a base severity score of 9.8 and an exploitability score of 3.9, indicating a low attack complexity and high impact potential. To remediate this issue, organizations should consult the D-Link security bulletin for guidance on mitigation strategies. Failure to address this vulnerability could lead to severe security breaches and unauthorized access to sensitive data within affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.