cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-41622,https://securityvulnerability.io/vulnerability/CVE-2024-41622,D-Link DIR-846W A1 FW100A43 Vulnerability Affects Remote Command Execution,"The D-Link DIR-846W A1 router was found to be vulnerable to a remote command execution (RCE) attack, which can be exploited through the 'tomography_ping_address' parameter in the /HNAP1/ interface. This vulnerability may allow unauthenticated attackers to execute arbitrary commands on the affected device, potentially compromising the integrity of the router and exposing sensitive network data. It is crucial for users to apply necessary security measures to protect their network devices from this vulnerability.",D-Link,Dir-846w Firmware,9.8,CRITICAL,0.0006000000284984708,false,false,false,false,,false,false,2024-08-27T00:00:00.000Z,0 CVE-2024-44340,https://securityvulnerability.io/vulnerability/CVE-2024-44340,D-Link DIR-846W Vulnerable to Remote Command Execution,"A remote command execution (RCE) vulnerability exists in the D-Link DIR-846W A1 router due to improper handling of the 'smartqos_express_devices' and 'smartqos_normal_devices' keys in the SetSmartQoSSettings function. This flaw allows an attacker to execute arbitrary commands on the vulnerable device remotely. Exploitation of this vulnerability can lead to unauthorized access and control of the affected router, potentially compromising the entire network. Users are advised to check for updates and apply any necessary patches to mitigate this security risk. For more information, consult D-Link’s security bulletins.",D-Link,Dir-846w Firmware,8.8,HIGH,0.0006000000284984708,false,false,false,false,,false,false,2024-08-27T00:00:00.000Z,0 CVE-2024-44341,https://securityvulnerability.io/vulnerability/CVE-2024-44341,D-Link DIR-846W A1 FW100A43 Vulnerable to Remote Command Execution,"A remote command execution (RCE) vulnerability was identified in the D-Link DIR-846W A1 router firmware version FW100A43. This security flaw is triggered by manipulating the lan(0)_dhcps_staticlist parameter through a crafted POST request. Exploitation of this vulnerability allows an attacker to execute arbitrary commands on the affected device, potentially leading to unauthorized control and manipulation of network settings. Users are strongly advised to remain vigilant and implement necessary updates to secure their devices against potential attacks. For further information, refer to D-Link's official security bulletin.",D-Link,Dir-846w Firmware,9.8,CRITICAL,0.0006000000284984708,false,false,false,false,,false,false,2024-08-27T00:00:00.000Z,0 CVE-2024-44342,https://securityvulnerability.io/vulnerability/CVE-2024-44342,D-Link DIR-846W RCE Vulnerability Discovered in wl(0).(0)_ssid Parameter,"The D-Link DIR-846W A1 FW100A43 router has a vulnerability that allows remote command execution through improper validation of the wl(0).(0)_ssid parameter. An attacker can leverage this flaw by sending a specially crafted POST request, potentially compromising the router's security. This vulnerability emphasizes the necessity for robust parameter validation mechanisms in network devices to prevent unauthorized access and maintain user data integrity.",D-Link,Dir-846w Firmware,9.8,CRITICAL,0.0006000000284984708,false,false,false,false,,false,false,2024-08-27T00:00:00.000Z,0