CVE-2024-48635
published 2024-10-17CVE-2024-48635: D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the…
high8CVSS 3.1
AVAACLPRLUINSUCHIHAH
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the VLANID:2/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dlink | dir-878_firmware | — | — |
| dlink | dir-882_firmware | — | — |