CRITICAL🇵🇱 Wersja polska

CVE-2024-22651

CVSS 9.8v3.1pub. 2024-01-24upd. 2024-11-21

There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04.

🤖 AI Analysis
How it works

The vulnerability is located in the ssdpcgi_main function in the cgibin executable file, which is part of the CGI interface of the router software. An attacker can provide crafted input containing malicious system commands, which are then interpreted and executed without proper data validation or sanitization. The attack vector is network-based, requires no authentication or user interaction, making this vulnerability exceptionally dangerous.

Impact

An attacker can gain full control over the device, with confidentiality, integrity and availability of the system being completely compromised — arbitrary commands can be executed with CGI process privileges, which may lead to router takeover, network configuration modification or further lateral movement in the network.

Mitigation & patch

Apply patches available from the manufacturer according to the references. In the absence of updates, it is recommended to restrict access to the device's administrative panel exclusively to trusted hosts and disable unnecessary network services available from outside.

Who is affected

D-Link DIR-815 router with software version v1.04

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 815

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 815 Firmware

    OS
    Dlink
    ≤ 1.04
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-25115CRITICAL10.0PL ✓ten sam produkt

D-Link DIR-series — nieuwierzytelniony command injection w service.cgi (root RCE)

CVE-2023-51123CRITICAL9.8PL ✓ten sam produkt

RCE w D-Link DIR-815 via command injection w soapcgi_main

CVE-2018-10106CRITICAL9.8ten sam produkt

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission byp...

CVE-2014-8888CRITICAL9.8ten sam produkt

The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote atta...

CVE-2015-0150CRITICAL9.8ten sam produkt

The remote administration UI in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers t...