Request a Demo
Rewterz
RansomHub Malware Leveraged by NoName Ransomware Gang in Recent Cyberattacks – Active IOCs
September 11, 2024
Rewterz
North Korean APT Kimsuky aka Black Banshee – Active IOCs
September 11, 2024

Multiple D-Link Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-44334 CVSS:9.8

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 could allow a remote attacker to execute arbitrary commands on the system, caused by insufficient parameter filtering in the CGI handling function of upgrade_filter.asp. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-44335 CVSS:9.8

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 could allow a remote attacker to execute arbitrary commands on the system, caused by insufficient filtering of HTTP request parameters in the CGI handling function of version_upgrade_asp-CGI. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-44333 CVSS:9.8

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 could allow a remote attacker to execute arbitrary commands on the system. By sending a specially crafted malicious string to the CGI function responsible for handling usb_paswd.asp, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-44408 CVSS:7.5

D-Link DIR-823G could allow a remote authenticated attacker to obtain sensitive information. By sending a specially crafted request, a remote attacker could exploit this vulnerability to perform unauthorized configuration file downloads.

CVE-2024-44402 CVSS:9.8

D-Link DI-8100G could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in msp_info.htm. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-44401 CVSS:9.8

D-Link DI-8100G could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in upgrade_filter.asp. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

Impact

  • Code Execution

Indicators of Compromise

CVE

  • CVE-2024-44334
  • CVE-2024-44335
  • CVE-2024-44333
  • CVE-2024-44408
  • CVE-2024-44402
  • CVE-2024-44401

Affected Vendors

D-Link

Affected Products

  • D-Link DI-7200GV2 - 24.04.18E1
  • D-Link DI-7003GV2 - 24.04.18D1
  • D-Link DI-7100GV2 - 24.04.18D1
  • D-Link DI-7100G+V2 - 24.04.18D1
  • D-Link DIR-823G - 1.0.2B05_20181207
  • D-Link DI-8100G - 17.12.20A1

Remediation

Refer to D-Link Website for patch, upgrade, or suggested workaround information.

CVE-2024-44334

CVE-2024-44335

CVE-2024-44333

CVE-2024-44408

CVE-2024-44402

CVE-2024-44401