Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-33344


D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to execute arbitrary commands via shell.


Published

2024-04-26T18:15:46.467

Last Modified

2025-05-21T12:51:29.240

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-77

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System dlink dir-822\+_firmware 1.05 Yes
Hardware dlink dir-822\+ - No

References