CVE-2024-33343 - D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of

CVE-2024-33343

Summary

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell.

References

http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-822%2B
https://github.com/n0wstr/IOTVuln/tree/main/DIR-822%2B/ChgSambaUserSettings

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

26-04-2024 - 19:59

Published

26-04-2024 - 18:15

Last modified

26-04-2024 - 19:59