CVE-2024-44382

Summary

CVE-2024-44382 identifies a command execution vulnerability in the D-Link DI_8004W router's jhttpd upgrade_filter_asp function. This vulnerability can be exploited by an attacker within the adjacent network and requires no user interaction or special privileges, posing a high risk with potential impacts on confidentiality, integrity, and availability of affected systems. Organizations using this product are advised to apply available security updates or patches to mitigate the risk associated with this vulnerability. With a base severity score of 8.8, the threat level is categorized as high due to its low attack complexity and significant potential impacts. Detailed information and remediation guidance can be found in D-Link's security bulletins and third-party advisories.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.