Vulnerability Description
A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. This issue affects the function cgi_add_zip of the file /cgi-bin/webfile_mgr.cgi of the component HTTP POST Request Handler. The manipulation of the argument path leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dns-1550-04 Firmware | - |
| Dlink | Dns-1550-04 | - |
| Dlink | Dns-1200-05 Firmware | - |
| Dlink | Dns-1200-05 | - |
| Dlink | Dns-1100-4 Firmware | - |
| Dlink | Dns-1100-4 | - |
| Dlink | Dns-726-4 Firmware | - |
| Dlink | Dns-726-4 | - |
| Dlink | Dns-345 Firmware | - |
| Dlink | Dns-345 | - |
| Dlink | Dns-343 Firmware | - |
| Dlink | Dns-343 | - |
| Dlink | Dns-340L Firmware | - |
| Dlink | Dns-340L | - |
| Dlink | Dnr-326 Firmware | - |
| Dlink | Dnr-326 | - |
| Dlink | Dns-327L Firmware | - |
| Dlink | Dns-327L | - |
| Dlink | Dns-326 Firmware | - |
| Dlink | Dns-326 | - |
Related Weaknesses (CWE)
References
- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_add_zip.mdExploitThird Party Advisory
- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383Vendor Advisory
- https://vuldb.com/?ctiid.275699Permissions RequiredVDB Entry
- https://vuldb.com/?id.275699Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.396237Third Party AdvisoryVDB Entry
- https://www.dlink.com/Product
FAQ
What is CVE-2024-8128?
CVE-2024-8128 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, ...
How severe is CVE-2024-8128?
CVE-2024-8128 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-8128?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dns-1550-04 Firmware, Dlink Dns-1550-04, Dlink Dns-1200-05 Firmware, Dlink Dns-1200-05, Dlink Dns-1100-4 Firmware.