Command Injection Vulnerability in D-Link DI-8300 Router
CVE-2024-44411

Currently unrated

Key Information:

Vendor

D-Link

Status
Vendor
CVE Published:
9 September 2024

What is CVE-2024-44411?

The D-Link DI-8300 router running firmware version 16.07.26A1 is susceptible to a command injection vulnerability. This flaw exists in the msp_info_htm function, allowing an attacker to execute arbitrary commands on the device by injecting crafted input. Exploitation of this vulnerability could lead to unauthorized access and control over the affected system, making it crucial for users to implement necessary updates and security measures.

References

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.