August 29, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple NETGEAR Products Vulnerabilities
November 6, 2024
Amadey Botnet – Active IOCs
November 7, 2024
Multiple NETGEAR Products Vulnerabilities
November 6, 2024
Amadey Botnet – Active IOCs
November 7, 2024
Severity
High
Analysis Summary
CVE-2024-51024 CVSS:8.8
D-Link DIR_823G could allow a remote authenticated attacker to execute arbitrary code/commands on the system, caused by ISSUE. By sending a specially crafted HostName parameter in the SetWanSettings function, an attacker could exploit this vulnerability to execute arbitrary OS commands on the system.
CVE-2024-51023 CVSS:8.8
D-Link DIR_823G could allow a remote authenticated attacker to execute arbitrary code/commands on the system, caused by ISSUE. By sending a specially crafted Address parameter in the SetNetworkTomographySettings function, an attacker could exploit this vulnerability to execute arbitrary OS commands on the system.
Impact
- Code Execution
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-51024
- CVE-2024-51023
Affected Vendors
D-Link
Affected Products
- D-Link DIR_823G - 1.0.2B05
Remediation
Refer to D-Link Security Advisory for patch, upgrade, or suggested workaround information.