CVE-2024-52739

CVSS 3.1 Score 8 of 10 (high)

Details

Published Nov 20, 2024

Updated: Nov 21, 2024

CWE ID 77

Summary

CVE-2024-52739 refers to a remote command execution (RCE) vulnerability affecting D-LINK DI-8400 v16.07.26A1 firmware. The vulnerability was identified in the msp_info_htm function, which can be exploited through the flag and cmd parameters. An attacker can send maliciously crafted input to the affected system, resulting in arbitrary code execution. Successful exploitation could lead to unauthorized system access, data theft, or further attacks. It is strongly recommended that users update their firmware to a secure version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0t36mV
https://www.cve.org/CVERecord?id=CVE-2024-52739
https://nvd.nist.gov/vuln/detail/CVE-2024-52739

Back to Vulnerability Database

CVE-2024-52739

CVSS 3.1 Score 8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations