What is Nostr?
zCat
npub1zm7…pnd6
2024-11-08 23:32:56

zCat on Nostr: D-Link won’t fix critical flaw affecting 60,000 older NAS devices More than 60,000 ...

D-Link won’t fix critical flaw affecting 60,000 older NAS devices

More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit.

The flaw, tracked as CVE-2024-10914, has a critical 9.2 severity score and is present in the ‘cgi_user_add’ command where the name parameter is insufficiently sanitized.

An unauthenticated attacker could exploit it to inject arbitrary shell commands by sending specially crafted HTTP GET requests to the devices.

See more: https://www.bleepingcomputer.com/news/security/d-link-wont-fix-critical-flaw-affecting-60-000-older-nas-devices/

#cybersecurity #injection
Author Public Key
npub1zm7jduqq2nmxz5wxh4ujtm00g9vxzqa0r82yt7flvm67yje5gfaqa5pnd6