CVE-2024-7830

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 15, 2024

Updated: Aug 19, 2024

CWE ID 120

Summary

CVE-2024-7830: A critical buffer overflow vulnerability was identified in various D-Link DNS models, including DNS-120, DNR-202L, and others, up to version 20240814. This issue lies within the cgi_move_photo function of the /cgi-bin/photocenter_mgr.cgi file, which can be exploited remotely by manipulating the photo_name argument. The vulnerability has been disclosed publicly, posing a significant risk. However, it's essential to note that the affected products are no longer supported by the maintainer and should be retired and replaced.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xxTBer
https://www.cve.org/CVERecord?id=CVE-2024-7830
https://nvd.nist.gov/vuln/detail/CVE-2024-7830

Back to Vulnerability Database

CVE-2024-7830

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations