D-Link DI-8100 16.07 Remote Command Injection via upgrade_filter.asp
CVE-2024-7833 Published on August 15, 2024
D-Link DI-8100 upgrade_filter.asp upgrade_filter_asp command injection
A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects the function upgrade_filter_asp of the file upgrade_filter.asp. The manipulation of the argument path leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Type
What is a Command Injection Vulnerability?
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CVE-2024-7833 has been classified to as a Command Injection vulnerability or weakness.
Products Associated with CVE-2024-7833
Want to know whenever a new CVE is published for D-Link Di 8100 Firmware? stack.watch will email you.
Affected Versions
D-Link DI-8100 Version 16.07 is affected by CVE-2024-7833Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.