CVE-2024-7831

Name of the Vulnerable Software and Affected Versions D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814

Description A critical issue has been found in the function cgi get cooliris of the file /cgi-bin/photocenter mgr.cgi. The manipulation of the path argument leads to a buffer overflow. This issue can be exploited remotely, allowing an attacker to execute arbitrary commands using a specially crafted POST request. The exploit has been disclosed to the public and may be used. This issue only affects products that are no longer supported by the maintainer, and the vendor has confirmed that the product is end-of-life.

Recommendations As a temporary workaround, consider disabling the cgi get cooliris function until a replacement or update is available. Restrict access to the /cgi-bin/photocenter mgr.cgi file to minimize the risk of exploitation. Avoid using the path argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability. It is recommended to retire and replace the affected products.