D-Link Products at Risk of Buffer Overflow Vulnerability
CVE-2024-7832
8.8HIGH
Key Information:
Badges
👾 Exploit Exists
What is CVE-2024-7832?
A buffer overflow vulnerability has been identified in multiple D-Link network attached storage (NAS) devices, specifically affecting the cgi_get_fullscreen_photos function within the photocenter_mgr.cgi script. This flaw can be exploited remotely, allowing an attacker to manipulate user-supplied arguments and trigger overflow conditions. Given that the affected devices are no longer supported by D-Link, it is crucial for users to retire and replace these devices to safeguard against potential exploitation, as the exploit details have been publicly disclosed.
Affected Version(s)
DNR-202L 20240814
DNR-322L 20240814
DNR-326 20240814