Metrics
Affected Vendors & Products
Fri, 08 Nov 2024 20:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Dlink dns-320 Dlink dns-320lw Dlink dns-325 Dlink dns-340l | |
| CPEs | cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:* | |
| Vendors & Products | Dlink dns-320 Dlink dns-320lw Dlink dns-325 Dlink dns-340l | 
Wed, 06 Nov 2024 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Dlink Dlink dns-320 Firmware Dlink dns-320lw Firmware Dlink dns-325 Firmware Dlink dns-340l Firmware | |
| CPEs | cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-320lw_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-325_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dlink:dns-340l_firmware:*:*:*:*:*:*:*:* | |
| Vendors & Products | Dlink Dlink dns-320 Firmware Dlink dns-320lw Firmware Dlink dns-325 Firmware Dlink dns-340l Firmware | |
| Metrics | ssvc 
 | 
Wed, 06 Nov 2024 14:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument group leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. | |
| Title | D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection | |
| Weaknesses | CWE-707 CWE-74 CWE-78 | |
| References |  | |
| Metrics | cvssV2_0 
 
 
 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: VulDB
Published: 2024-11-06T14:00:06.041Z
Updated: 2024-11-06T15:26:07.833Z
Reserved: 2024-11-06T07:07:56.135Z
Link: CVE-2024-10915
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-11-06T15:25:59.345Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2024-11-06T14:15:05.783
Modified: 2024-11-08T20:11:10.973
Link: CVE-2024-10915
 Redhat
                        Redhat
                    No data.