Severity
High
Analysis Summary
CVE-2024-44334 CVSS:9.8
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 could allow a remote attacker to execute arbitrary commands on the system, caused by insufficient parameter filtering in the CGI handling function of upgrade_filter.asp. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-44335 CVSS:9.8
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 could allow a remote attacker to execute arbitrary commands on the system, caused by insufficient filtering of HTTP request parameters in the CGI handling function of version_upgrade_asp-CGI. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-44333 CVSS:9.8
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 could allow a remote attacker to execute arbitrary commands on the system. By sending a specially crafted malicious string to the CGI function responsible for handling usb_paswd.asp, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-44408 CVSS:7.5
D-Link DIR-823G could allow a remote authenticated attacker to obtain sensitive information. By sending a specially crafted request, a remote attacker could exploit this vulnerability to perform unauthorized configuration file downloads.
CVE-2024-44402 CVSS:9.8
D-Link DI-8100G could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in msp_info.htm. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-44401 CVSS:9.8
D-Link DI-8100G could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in upgrade_filter.asp. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
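For log triage, the following added example (not part of the original advisory and not D-Link tooling) flags requests to the pages named above and marks those whose query values decode to shell metacharacters. The combined log format, the constructed sample lines and the parameter name `p` are assumptions; the handler for CVE-2024-44335 is left out because the advisory does not give it as a plain page name.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Pages named in the advisory, with the CVEs that mention each one.
WATCHED_PAGES = {
    "upgrade_filter.asp": ("CVE-2024-44334", "CVE-2024-44401"),
    "usb_paswd.asp": ("CVE-2024-44333",),
    "msp_info.htm": ("CVE-2024-44402",),
}
# Characters a shell treats as command separators or substitutions.
SHELL_META = re.compile(r"[;|&`\r\n]|\$\(")
# Assumption: combined log format, e.g. from a proxy in front of the router UI.
REQUEST = re.compile(r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def triage(line):
    """Return a finding dict for a request to a watched page, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    page = url.path.rsplit("/", 1)[-1].lower()
    if page not in WATCHED_PAGES:
        return None
    flagged = []
    for pair in filter(None, url.query.split("&")):
        name, _, value = pair.partition("=")
        # Decode twice so double-encoded metacharacters are still seen.
        decoded = unquote_plus(unquote_plus(value))
        if SHELL_META.search(decoded):
            flagged.append(name)
    # POST bodies are not in access logs, so any hit still deserves review.
    verdict = "suspicious" if flagged else "review"
    return {"client": m.group("client"), "page": page, "verdict": verdict,
            "params": flagged, "cves": WATCHED_PAGES[page]}


def scan(lines):
    """Triage every line and keep only the findings."""
    return [f for f in map(triage, lines) if f]


# Constructed sample lines (documentation addresses, placeholder parameter p).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Sep/2024:10:00:01 +0000] "GET /index.htm HTTP/1.1" 200 512',
    '198.51.100.7 - - [11/Sep/2024:10:00:05 +0000] "GET /upgrade_filter.asp?p=a%3Bb HTTP/1.1" 200 64',
    '198.51.100.7 - - [11/Sep/2024:10:00:09 +0000] "GET /usb_paswd.asp?p=a%2560b HTTP/1.1" 200 64',
    '192.0.2.10 - - [11/Sep/2024:10:01:00 +0000] "POST /msp_info.htm?p=1 HTTP/1.1" 200 64',
]
```

A "review" verdict means the page was reached but nothing in the logged URL stood out; the request body, where present, has to be checked in a packet capture or proxy log that records it.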
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-44334
- CVE-2024-44335
- CVE-2024-44333
- CVE-2024-44408
- CVE-2024-44402
- CVE-2024-44401
Affected Vendors
Affected Products
- D-Link DI-7200GV2 - 24.04.18E1
- D-Link DI-7003GV2 - 24.04.18D1
- D-Link DI-7100GV2 - 24.04.18D1
- D-Link DI-7100G+V2 - 24.04.18D1
- D-Link DIR-823G - 1.0.2B05_20181207
- D-Link DI-8100G - 17.12.20A1
Remediation
Refer to the D-Link website for patch, upgrade, or suggested workaround information.