February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Vidar Malware – Active IOCs
February 27, 2024Rewterz Threat Advisory – CVE-2024-22243 – VMware Tanzu Spring Framework Vulnerability
February 27, 2024Rewterz Threat Alert – Vidar Malware – Active IOCs
February 27, 2024Rewterz Threat Advisory – CVE-2024-22243 – VMware Tanzu Spring Framework Vulnerability
February 27, 2024
Severity
High
Analysis Summary
CVE-2023-24330 CVSS:9.8
D-Link Dir 882 could allow a remote attacker to execute arbitrary commands on the system. By sending a specially crafted crafted POST request to /HNAP1/, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-24331 CVSS:9.8
D-Link Dir 816 could allow a remote attacker to execute arbitrary commands on the system. By sending a specially crafted crafted urlAdd parameter, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-24330
- CVE-2023-24331
Affected Vendors
D-Link
Affected Products
- D-Link DIR-882 DIR882A1_FW130B06
- D-Link DIR-816 A2_v1.10CNB04
Remediation
Refer to D-Link Website for patch, upgrade, or suggested workaround information.