Networking hardware vendor D-Link wars of multiple remote code execution (RCE) vulnerabilities in its discontinued DIR-846 router model.<\/p>\n\n\n\n
The vulnerabilities CVE-2024-44341 and CVE-2024-44342 (CVSS score of 9.8) are two OS command injection issues. A remote attacker could exploit them to execute arbitrary code on vulnerable devices.<\/p>\n\n\n\n
“D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability (CVE-2024-44341) via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.” reads the advisory<\/a>. <\/em><\/p>\n\n\n\n
The security researcher Yali-1002 discovered<\/a> the above vulnerabilities.<\/p>\n\n\n\n
Routers are a privileged target for threat actors and botnet operators. In January, researchers from cybersecurity firm GreyNoise spotted<\/strong><\/a> exploitation attempts for the critical vulnerability CVE-2024-0769 (CVSS score 9.8)\u00a0impacting all\u00a0D-Link DIR-859<\/a>\u00a0WiFi routers.<\/p>\n\n\n\n
The vendor\u00a0stated<\/strong><\/a>\u00a0that the DIR-859 family of routers has reached their End of Life (\u201cEOL\u201d)\/End of Service Life (\u201cEOS\u201d) life-cycle, and for this reason, the flaw will likely not be addressed.<\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
(<\/strong>Security Affairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, IoT<\/a>)<\/strong><\/p>\n\n\n\n