{"id":168041,"date":"2024-09-04T14:49:55","date_gmt":"2024-09-04T14:49:55","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=168041"},"modified":"2024-09-04T14:49:57","modified_gmt":"2024-09-04T14:49:57","slug":"d-link-dir-846-routers-code-execution-flaws","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/168041\/security\/d-link-dir-846-routers-code-execution-flaws.html","title":{"rendered":"Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them!"},"content":{"rendered":"
<\/div>\n

D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router series. <\/h2>\n\n\n\n

Networking hardware vendor D-Link warns of multiple remote code execution (RCE) vulnerabilities in its discontinued DIR-846 router model.<\/p>\n\n\n\n

The vulnerabilities CVE-2024-44341 and CVE-2024-44342 (CVSS score of 9.8) are two OS command injection issues. A remote attacker could exploit them to execute arbitrary code on vulnerable devices.<\/p>\n\n\n\n

“D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability (CVE-2024-44341) via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.” reads the advisory<\/a>. <\/em><\/p>\n\n\n\n

“D-Link DIR-846W Firmware A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability (CVE-2024-44342) via the wl(0).(0)_ssid parameter.”<\/em><\/p>\n\n\n\n

The vendor also addressed a remote command execution (RCE) vulnerability, tracked as CVE-2024-41622 (CVSS score of 8.8), that resides in the tomography_ping_address parameter in the \/HNAP1\/ interface.<\/p>\n\n\n\n

The fourth issue addressed by the company is a high-severity RCE vulnerability, tracked as CVE-2024-44340 (with a CVSS score of 8.8), which can be exploited by an authenticated attacker.<\/p>\n\n\n\n

The security researcher Yali-1002 discovered<\/a> the above vulnerabilities.<\/p>\n\n\n\n

The vendor recommends retiring and replacing devices that have reached their End of Life (\u2018EOL\u2019)\/End of Service Life (\u2018EOS\u2019) life cycle.<\/p>\n\n\n\n

Routers are a privileged target for threat actors and botnet operators. In January, researchers from cybersecurity firm GreyNoise spotted<\/strong><\/a> exploitation attempts for the critical vulnerability CVE-2024-0769 (CVSS score 9.8)\u00a0impacting all\u00a0D-Link DIR-859<\/a>\u00a0WiFi routers.<\/p>\n\n\n\n

The vendor\u00a0stated<\/strong><\/a>\u00a0that the DIR-859 family of routers has reached its End of Life (\u201cEOL\u201d)\/End of Service Life (\u201cEOS\u201d) life cycle, and for this reason, the flaw will likely not be addressed.<\/p>\n\n\n\n

Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n


<\/p>\n","protected":false},"excerpt":{"rendered":"

D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router series. Networking hardware vendor D-Link warns of multiple remote code execution (RCE) vulnerabilities in its discontinued DIR-846 router model. The vulnerabilities CVE-2024-44341 and CVE-2024-44342 (CVSS score of 9.8) are two OS command injection issues. A remote attacker could exploit them to execute […]<\/p>\n","protected":false},"author":1,"featured_media":95928,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,4966,55],"tags":[],"class_list":["post-168041","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-iot","category-security"],"yoast_head":"\n