Buaaiotteam

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-120 up to 20240814 D-Link DNR-202L up to 20240814 D-Link DNS-315L up to 20240814 D-Link DNS-320 up to 20240814 D-Link DNS-320L up to 20240814 D-Link DNS-320LW up to 20240814 D-Link DNS-321 up to 20240814 D-Link DNR-322L up to 20240814 D-Link DNS-323 up to 20240814 D-Link DNS-325 up to 20240814 D-Link DNS-326 up to 20240814 D-Link DNS-327L up to 20240814 D-Link DNR-326 up to 20240814 D-Link DNS-340L up to 20240814 D-Link DNS-343 up to 20240814 D-Link DNS-345 up to 20240814 D-Link DNS-726-4 up to 20240814 D-Link DNS-1100-4 up to 20240814 D-Link DNS-1200-05 up to 20240814 D-Link DNS-1550-04 up to 20240814 **Description** The issue affects the function `cgi FMT R12R5 2nd DiskMGR` of the file `/cgi-bin/hd config.cgi`. The manipulation of the argument `f source dev` leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This issue only affects products that are no longer supported by the maintainer. The vendor was contacted early and confirmed that the product is end-of-life. **Recommendations** As a temporary workaround, consider disabling the `cgi FMT R12R5 2nd DiskMGR` function until a replacement is available. Restrict access to the `/cgi-bin/hd config.cgi` file to minimize the risk of exploitation. Avoid using the `f source dev` argument in the affected API endpoint until the issue is resolved. Retire and replace the affected products, as they are end-of-life and no longer supported by the maintainer.

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120 up to 20240814 D-Link DNR-202L up to 20240814 D-Link DNS-315L up to 20240814 D-Link DNS-320 up to 20240814 D-Link DNS-320L up to 20240814 D-Link DNS-320LW up to 20240814 D-Link DNS-321 up to 20240814 D-Link DNR-322L up to 20240814 D-Link DNS-323 up to 20240814 D-Link DNS-325 up to 20240814 D-Link DNS-326 up to 20240814 D-Link DNS-327L up to 20240814 D-Link DNR-326 up to 20240814 D-Link DNS-340L up to 20240814 D-Link DNS-343 up to 20240814 D-Link DNS-345 up to 20240814 D-Link DNS-726-4 up to 20240814 D-Link DNS-1100-4 up to 20240814 D-Link DNS-1200-05 up to 20240814 D-Link DNS-1550-04 up to 20240814 Description: A critical vulnerability has been found in various D-Link products. This issue affects the function `cgi add zip` of the file `/cgi-bin/webfile mgr.cgi` of the component HTTP POST Request Handler. The manipulation of the argument `path` leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Note that this vulnerability only affects products that are no longer supported by the maintainer, and the vendor has confirmed that the product is end-of-life. Recommendations: As a temporary workaround, consider disabling the `cgi add zip` function until a replacement is available. Restrict access to the `/cgi-bin/webfile mgr.cgi` file to minimize the risk of exploitation. Avoid using the `path` argument in the affected HTTP POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability. It is recommended to retire and replace the affected products.

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120 up to 20240814 D-Link DNR-202L up to 20240814 D-Link DNS-315L up to 20240814 D-Link DNS-320 up to 20240814 D-Link DNS-320L up to 20240814 D-Link DNS-320LW up to 20240814 D-Link DNS-321 up to 20240814 D-Link DNR-322L up to 20240814 D-Link DNS-323 up to 20240814 D-Link DNS-325 up to 20240814 D-Link DNS-326 up to 20240814 D-Link DNS-327L up to 20240814 D-Link DNR-326 up to 20240814 D-Link DNS-340L up to 20240814 D-Link DNS-343 up to 20240814 D-Link DNS-345 up to 20240814 D-Link DNS-726-4 up to 20240814 D-Link DNS-1100-4 up to 20240814 D-Link DNS-1200-05 up to 20240814 D-Link DNS-1550-04 up to 20240814 Description: A critical vulnerability was found in the specified D-Link products. This issue affects the `cgi unzip` function of the `/cgi-bin/webfile mgr.cgi` file in the HTTP POST Request Handler component. The manipulation of the `path` argument leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Note that this vulnerability only affects products that are no longer supported by the maintainer, and the vendor has confirmed that the product is end-of-life. Recommendations: As a temporary workaround, consider disabling the `cgi unzip` function until a replacement is available. Restrict access to the `/cgi-bin/webfile mgr.cgi` file to minimize the risk of exploitation. Avoid using the `path` argument in the affected HTTP POST Request Handler until the issue is resolved. It is recommended to retire and replace the affected products as they are end-of-life. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 versions up to 20240814 **Description** A critical vulnerability has been found in the function `cgi FMT R12R5 1st DiskMGR` of the file `/cgi-bin/hd config.cgi`. The manipulation of the argument `f source dev` leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This issue only affects products that are no longer supported by the maintainer, and the vendor has confirmed that the product is end-of-life. **Recommendations** As a temporary workaround, consider disabling the `cgi FMT R12R5 1st DiskMGR` function until a replacement is available. Restrict access to the `/cgi-bin/hd config.cgi` file to minimize the risk of exploitation. Avoid using the `f source dev` argument in the affected API endpoint until the issue is resolved. The vendor recommends retiring and replacing the affected products, as they are no longer supported.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 versions up to 20240814 **Description** A critical vulnerability was found in the function `cgi FMT Std2R5 2nd DiskMGR` of the file `/cgi-bin/hd config.cgi`. The manipulation of the argument `f source dev` leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. The vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. **Recommendations** As a temporary workaround, consider disabling the `cgi FMT Std2R5 2nd DiskMGR` function until a patch is available. Restrict access to the `/cgi-bin/hd config.cgi` file to minimize the risk of exploitation. Avoid using the argument `f source dev` in the affected API endpoint until the issue is resolved. Since the products are end-of-life, it is recommended to retire and replace them. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240812 **Description** A critical issue affects the function `sprintf` of the file `/cgi-bin/photocenter mgr.cgi`. The manipulation of the argument `filter` leads to command injection. It is possible to initiate the attack remotely. The issue has been disclosed to the public and may be used. This issue only affects products that are no longer supported by the maintainer, and the vendor has confirmed that the product is end-of-life. **Recommendations** As a temporary workaround, consider disabling the `sprintf` function in the `/cgi-bin/photocenter mgr.cgi` file until the issue is resolved. Restrict access to the `/cgi-bin/photocenter mgr.cgi` file to minimize the risk of exploitation. Avoid using the `filter` argument in the affected API endpoint until the issue is resolved. Retire and replace affected products immediately, as they are no longer supported by the maintainer.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814 **Description** A critical issue affects the function `sprintf` of the file `/cgi-bin/hd config.cgi`. The manipulation of the argument `f mount` leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue only affects products that are no longer supported by the maintainer, and the vendor has confirmed that the product is end-of-life. **Recommendations** As a temporary workaround, consider disabling the `cgi FMT R12R5 3rd DiskMGR()` function until a replacement is available. Restrict access to the `/cgi-bin/hd config.cgi` file to minimize the risk of exploitation. Avoid using the argument `f mount` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability. It is recommended to retire and replace the affected products.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814 **Description** A critical issue affects the function `cgi FMT Std2R1 DiskMGR` of the file `/cgi-bin/hd config.cgi`. The manipulation of the argument `f newly dev` leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This issue only affects products that are no longer supported by the maintainer. The vendor confirmed that the product is end-of-life and should be retired and replaced. **Recommendations** As a temporary workaround, consider disabling the `cgi FMT Std2R1 DiskMGR` function until a replacement is available. Restrict access to the `/cgi-bin/hd config.cgi` file to minimize the risk of exploitation. Avoid using the `f newly dev` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability. It is recommended to retire and replace the affected products.