D-Link DNS-320 信息泄露漏洞

🗓️ 05 Sep 2024 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 2 Views

D-Link DNS-320 storage suffers information disclosure from improper getHD, getSer, or getSys parameters.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the /cgi-bin/widget_api.cgi file of the Web Management Interface component of the D-Link DNS-320 router’s microprogramming system allows a hacker to disclose confidential information.	30 Sep 202400:00	–	bdu_fstec
Circl	CVE-2024-8460	5 Sep 202414:40	–	circl
CNVD	D-Link DNS-320 Information Disclosure Vulnerability (CNVD-2025-18474)	10 Sep 202400:00	–	cnvd
CVE	CVE-2024-8460	5 Sep 202412:00	–	cve
Cvelist	CVE-2024-8460 D-Link DNS-320 Web Management Interface widget_api.cgi information disclosure	5 Sep 202412:00	–	cvelist
EUVD	EUVD-2024-49194	3 Oct 202520:07	–	euvd
NVD	CVE-2024-8460	5 Sep 202412:15	–	nvd
Positive Technologies	PT-2024-6451 · D Link · D-Link Dns-320	4 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-8460	23 May 202508:27	–	redhatcve
Vulnrichment	CVE-2024-8460 D-Link DNS-320 Web Management Interface widget_api.cgi information disclosure	5 Sep 202412:00	–	vulnrichment

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/1
supportannouncement	www.supportannouncement.us.dlink.com/security/publication.aspx
dlink	www.dlink.com/
cxsecurity	www.cxsecurity.com/cveshow/CVE-2024-8460/

31 Dec 2025 00:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.13.7 - 5.9

CVSS 22.6

CVSS 46.3

CVSS 33.7

EPSS0.02058

SSVC

D-Link DNS-320 information disclosure getHD parameter getSer parameter getSys parameter improper handling home office storage