CVE-2024-44333

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution. An attacker can achieve arbitrary command execution by sending a carefully crafted malicious string to the CGI function responsible for handling usb_paswd.asp.
Configurations

No configuration.

History

09 Sep 2024, 21:35

Type Values Removed Values Added
CWE CWE-78
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8

09 Sep 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-09 17:15

Updated : 2024-09-09 21:35


NVD link : CVE-2024-44333

Mitre link : CVE-2024-44333

CVE.ORG link : CVE-2024-44333


JSON object : View

Products Affected

No product.

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')