Command Injection Vulnerability in D-Link Routers
CVE-2024-48633

Currently unrated

Key Information:

Vendor: D-Link
Status: DIR-882 and DIR-878 Routers
Vendor: CVE Published:; 17 October 2024

What is CVE-2024-48633?

D-Link DIR-882 and DIR-878 router firmware versions contain multiple command injection vulnerabilities. Attackers can exploit these flaws by sending crafted POST requests targeting specific parameters such as ExternalPort, InternalPort, ProtocolNumber, and LocalIPAddress within the SetVirtualServerSettings function. Successful exploitation could result in arbitrary command execution on the operating system, presenting significant security risks to the impacted devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.dlink.com/en/security-bulletin/

https://github.com/pjqwudi1/my_vuln/blob/main/D-link4/vul...

Timeline

Vulnerability published
Oct 17, 2024
Vulnerability Reserved
Oct 8, 2024

JSON

D-Link

What is CVE-2024-48633?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.