CVE-2024-7357

Summary

CVE-2024-7357 is a critical vulnerability that affects the D-Link DIR-600 routers up to version 2.18. The issue lies in the function soapcgi_main of the /soap.cgi file, where manipulation of the argument service can lead to os command injection. This vulnerability can be exploited remotely, and the exploit has already been disclosed to the public. The identifier VDB-273329 was assigned to this issue. Importantly, this vulnerability only impacts unsupported D-Link DIR-600 routers that are no longer maintained by the vendor. The vendor has confirmed that the product is end-of-life and should be retired and replaced.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.