{"uuid": "e3a9cac7-5b8e-4052-94cf-0b016f6701be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33113", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1384", "content": "\ud83d\udea8PoC Released\ud83d\udea8CVE-2024-33113 is a vulnerability in the D-LINK DIR-845L router that allows information disclosure through the bsc_sms_inbox.php file. The vulnerability arises from improper handling of the include() function, which can be exploited by manipulating the $file variable. This allows attackers to include arbitrary PHP scripts and potentially retrieve sensitive information such as the router's username and password.\n\nhttps://x.com/DarkWebInformer/status/1805385141998731320", "creation_timestamp": "2024-06-25T03:12:09.000000Z"}