Vulnerability Description
A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. This vulnerability affects the function cgi_unzip of the file /cgi-bin/webfile_mgr.cgi of the component HTTP POST Request Handler. The manipulation of the argument path leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dns-1550-04 Firmware | - |
| Dlink | Dns-1550-04 | - |
| Dlink | Dns-1200-05 Firmware | - |
| Dlink | Dns-1200-05 | - |
| Dlink | Dns-1100-4 Firmware | - |
| Dlink | Dns-1100-4 | - |
| Dlink | Dns-726-4 Firmware | - |
| Dlink | Dns-726-4 | - |
| Dlink | Dns-345 Firmware | - |
| Dlink | Dns-345 | - |
| Dlink | Dns-343 Firmware | - |
| Dlink | Dns-343 | - |
| Dlink | Dns-340L Firmware | - |
| Dlink | Dns-340L | - |
| Dlink | Dnr-326 Firmware | - |
| Dlink | Dnr-326 | - |
| Dlink | Dns-327L Firmware | - |
| Dlink | Dns-327L | - |
| Dlink | Dns-326 Firmware | - |
| Dlink | Dns-326 | - |
Related Weaknesses (CWE)
References
- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_unzip.mdExploitThird Party Advisory
- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383Vendor Advisory
- https://vuldb.com/?ctiid.275698Permissions RequiredVDB Entry
- https://vuldb.com/?id.275698Permissions RequiredVDB Entry
- https://vuldb.com/?submit.396236Third Party AdvisoryVDB Entry
- https://www.dlink.com/Product
FAQ
What is CVE-2024-8127?
CVE-2024-8127 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343...
How severe is CVE-2024-8127?
CVE-2024-8127 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-8127?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dns-1550-04 Firmware, Dlink Dns-1550-04, Dlink Dns-1200-05 Firmware, Dlink Dns-1200-05, Dlink Dns-1100-4 Firmware.