PT-2024-22542 · D Link · Dlink Dwr 5G Cpe+1
Mrnmap
+2
·
Published
2024-11-12
·
Updated
2024-11-13
·
CVE-2024-28726
CVSS v3.1
8.0
High
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME
Dlink DWR 5G CPE version DWR-2000M 1.34ME
Description
An issue in the affected devices allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function. This enables the attacker to potentially gain control over the device.
Recommendations
For DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME, consider disabling the Diagnostics function until a patch is available.
For Dlink DWR 5G CPE version DWR-2000M 1.34ME, consider disabling the Diagnostics function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dlink Dwr 2000M 5G Cpe With Wifi 6 Ax1800
Dlink Dwr 5G Cpe