Leidos Holdings Confirms Data Breach via Third-Party Vendor
July 25, 2024Patchwork APT Uses Advanced Brute Ratel C4 Tool to Target Bhutan – Active IOCs
July 25, 2024Leidos Holdings Confirms Data Breach via Third-Party Vendor
July 25, 2024Patchwork APT Uses Advanced Brute Ratel C4 Tool to Target Bhutan – Active IOCs
July 25, 2024Severity
Medium
Analysis Summary
CVE-2024-4962 CVSS:6.3
D-Link DAR-7000-40 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the /useratte/resmanage.php script. By sending a specially-crafted HTTP request in the file_upload parameter, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.
CVE-2024-4964 CVSS:6.3
D-Link DAR-7000-40 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the /firewall/urlblist.php script. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.
CVE-2024-4965 CVSS:6.3
D-Link DAR-7000-40 router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the /useratte/resmanage.php. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-4962
- CVE-2024-4964
- CVE-2024-4965
Affected Vendors
Affected Products
- D-Link DAR-7000-40 V31R02B1413C
Remediation
Refer to D-Link Website for patch, upgrade, or suggested workaround information.