Remote Command Execution Vulnerability Discovered in D-Link DIR-823X Firmware
CVE-2024-39202
8.8HIGH
What is CVE-2024-39202?
A significant remote command execution vulnerability exists in the D-Link DIR-823X firmware version 240126. This vulnerability is triggered via the 'dhcpd_startip' parameter when navigating to the /goform/set_lan_settings endpoint. An attacker with access to the device can exploit this flaw to execute arbitrary commands remotely, potentially compromising the device and surrounding network security.