D-Link DIR-846W A1 FW100A43 Vulnerability Affects Remote Command Execution
CVE-2024-41622

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dir-846w Firmware
Vendor: CVE Published:; 27 August 2024

What is CVE-2024-41622?

The D-Link DIR-846W A1 router was found to be vulnerable to a remote command execution (RCE) attack, which can be exploited through the 'tomography_ping_address' parameter in the /HNAP1/ interface. This vulnerability may allow unauthenticated attackers to execute arbitrary commands on the affected device, potentially compromising the integrity of the router and exposing sensitive network data. It is crucial for users to apply necessary security measures to protect their network devices from this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.dlink.com/en/security-bulletin/

http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DI...

https://github.com/yali-1002/some-poc/blob/main/CVE-2024-...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 27, 2024
Vulnerability Reserved
Jul 18, 2024

JSON

D-Link

What is CVE-2024-41622?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.