CVE-2024-44342

Name of the Vulnerable Software and Affected Versions D-Link DIR-846W A1 FW100A43

Description The issue is a remote command execution vulnerability that can be exploited via a crafted POST request. It is related to the wl(0).(0) ssid parameter. This vulnerability allows a remote attacker to execute arbitrary code.

Recommendations For D-Link DIR-846W A1 FW100A43, as a temporary workaround, consider disabling access to the wl(0).(0) ssid parameter until a patch is available. Restrict access to the vulnerable parameter to minimize the risk of exploitation. Avoid using the wl(0).(0) ssid parameter in crafted POST requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.