Exploit for Improper Neutralization in Dlink Dns-320_Firmware

POC - CVE-2024–10914- Command Injection Vulnerability in name...

CVE-2024-10914

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument name leads to os command...

CVE-2024-10915

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. T...

CVE-2024-10915 D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. T...

CVE-2024-10915

CVE-2024-10915 affects D-Link NAS models DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. The vulnerability is in the function; the group parameter in the endpoint /cgi-bin/account_mgr.cgi?cmd=cgi_user_add can be manipulated to cause an OS command injection, enabling remote code execution...