CVE-2024-7922

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-7922
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_audio_search/cgi_create_playlist/cgi_get_album_all_tracks/cgi_get_alltracks_editlist/cgi_get_artist_all_album/cgi_get_genre_all_tracks/cgi_get_tracks_list/cgi_set_airplay_content/cgi_write_playlist of the file /cgi-bin/myMusic.cgi. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_playlist.md Exploit
https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_tracks_list.md Exploit
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 Vendor Advisory
https://vuldb.com/?ctiid.275108 Permissions Required VDB Entry
https://vuldb.com/?id.275108 Permissions Required VDB Entry
https://vuldb.com/?submit.391669 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:dns-120_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-120:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:dnr-202l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dnr-202l:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:dns-315l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-315l:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:dns-320_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-320:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:dns-320l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-320l:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:dns-320lw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-320lw:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dell:dns-321_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-321:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dell:dnr-322l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dnr-322l:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dell:dns-323_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-323:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:dell:dns-325_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-325:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:dell:dns-326_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-326:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:dell:dns-327l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-327l:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:dell:dnr-326_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dnr-326:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:dell:dns-340l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-340l:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:dell:dns-343_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-343:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:dell:dns-345_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-345:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:dell:dns-726-4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-726-4:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:dell:dns-1100-4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-1100-4:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:dell:dns-1200-05_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-1200-05:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:dell:dns-1550-04_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-1550-04:-:*:*:*:*:*:*:*
History

20 Aug 2024, 16:20

Type Values Removed Values Added
CPE cpe:2.3:h:dell:dnr-322l:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-340l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dnr-322l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-1100-4:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-120_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-340l:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-1200-05:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-320l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dnr-326:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-325:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-327l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-345_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-320lw:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-1550-04_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-120:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dnr-202l:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-343_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-323:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-726-4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-326:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-726-4:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-320_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-315l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-321:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-320l:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-320lw_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-323_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-321_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-315l:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-1550-04:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-326_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dnr-326_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-320:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dnr-202l_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-1100-4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-327l:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-343:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-1200-05_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dns-345:-:*:*:*:*:*:*:*
cpe:2.3:o:dell:dns-325_firmware:-:*:*:*:*:*:*:*
First Time Dell dns-1100-4 Firmware
Dell dns-315l Firmware
Dell dnr-322l Firmware
Dell dnr-326
Dell dns-343 Firmware
Dell dns-1550-04
Dell dns-325
Dell dns-345 Firmware
Dell dns-320lw Firmware
Dell dns-340l
Dell dns-320l Firmware
Dell dns-323 Firmware
Dell dns-340l Firmware
Dell dns-325 Firmware
Dell dns-327l Firmware
Dell dns-1100-4
Dell dnr-322l
Dell dnr-202l
Dell
Dell dns-320
Dell dns-345
Dell dns-1550-04 Firmware
Dell dns-320l
Dell dnr-202l Firmware
Dell dnr-326 Firmware
Dell dns-320 Firmware
Dell dns-321 Firmware
Dell dns-1200-05 Firmware
Dell dns-315l
Dell dns-726-4 Firmware
Dell dns-120 Firmware
Dell dns-326 Firmware
Dell dns-1200-05
Dell dns-321
Dell dns-320lw
Dell dns-323
Dell dns-343
Dell dns-326
Dell dns-327l
Dell dns-120
Dell dns-726-4
CVSS v2 : 6.5
v3 : 6.3 		v2 : 6.5
v3 : 9.8
References () https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_playlist.md - () https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_playlist.md - Exploit
References () https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_tracks_list.md - () https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_tracks_list.md - Exploit
References () https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 - () https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 - Vendor Advisory
References () https://vuldb.com/?ctiid.275108 - () https://vuldb.com/?ctiid.275108 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.275108 - () https://vuldb.com/?id.275108 - Permissions Required, VDB Entry
References () https://vuldb.com/?submit.391669 - () https://vuldb.com/?submit.391669 - Third Party Advisory, VDB Entry
Summary
  • (es) Se encontró una vulnerabilidad en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS- 326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550-04 hasta 20240814 y clasificados como crítico. Afectado por este problema es la función CGI_AUDIO_SEARCH/CGI_CREATE_PLAYLIST/CGI_GET_ALBUM_ALL_TRACKS/CGI_GET_ALLTRACKS_EDITLIST/CGI_GET_ARTIST_ALL_ALBUM/CGI_GET_GENRE_ALL_TRACKS/CGI_GET_TRACKS/CGGI ite_playList del archivo /cgi-bin/mymusic.cgi. La manipulación conduce a la inyección de comandos. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante. NOTA: Se contactó primeramente con el proveedor y se confirmó que el producto ha llegado al final de su vida útil. Debería retirarse y reemplazarse.

19 Aug 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-08-19 15:15

Updated : 2024-08-20 16:20

NVD link : CVE-2024-7922

Mitre link : CVE-2024-7922

CVE.ORG link : CVE-2024-7922

JSON object : View

Products Affected

dell

  • dns-320l_firmware
  • dns-327l_firmware
  • dns-1550-04_firmware
  • dns-327l
  • dnr-322l
  • dns-315l_firmware
  • dns-1200-05
  • dnr-202l
  • dns-320lw
  • dns-326_firmware
  • dns-726-4
  • dns-326
  • dns-323
  • dns-343
  • dnr-326_firmware
  • dns-321_firmware
  • dns-323_firmware
  • dns-345_firmware
  • dns-1550-04
  • dns-325_firmware
  • dns-120
  • dns-320lw_firmware
  • dnr-202l_firmware
  • dns-325
  • dns-315l
  • dnr-326
  • dns-320
  • dns-120_firmware
  • dns-726-4_firmware
  • dns-1100-4
  • dns-1100-4_firmware
  • dns-1200-05_firmware
  • dns-320l
  • dns-321
  • dnr-322l_firmware
  • dns-343_firmware
  • dns-345
  • dns-320_firmware
  • dns-340l_firmware
  • dns-340l
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')