Dlink Dir-846W Firmware vulnerabilities

CVE-2024-44341 [CRITICAL] CWE-78 CVE-2024-44341: D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.

CVE-2024-44342 [CRITICAL] CWE-78 CVE-2024-44342: D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the wl(0).(0)_ssid parameter. This vulnerability is exploited via a crafted POST request.

CVE-2024-41622 [CRITICAL] CWE-78 CVE-2024-41622: D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in /HNAP1/ interface.

CVE-2024-44340 [HIGH] CWE-78 CVE-2024-44340: D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via keys smartqos_express_devices and smartqos_normal_devices in SetSmartQoSSettings.