Command Injection Vulnerability in D-Link DIR-845L Router
CVE-2024-33112

Currently unrated

Key Information:

Vendor: D-Link
Status: DIR-845L Router
Vendor: CVE Published:; 6 May 2024

Summary

The D-Link DIR-845L router versions v1.01KRb03 and prior are susceptible to a command injection vulnerability through the hnap_main() function. This flaw allows attackers to inject arbitrary commands, potentially leading to unauthorized access or manipulation of system functionalities. Users of affected versions are advised to upgrade to the latest firmware and implement security best practices to mitigate risks associated with this vulnerability.

References

https://github.com/yj94/Yj_learning/blob/main/Week16/D-LI...

https://github.com/yj94/Yj_learning/blob/b597925953d8bbb2...

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 6, 2024
Vulnerability Reserved
Apr 23, 2024