CVE-2024-51186

Name of the Vulnerable Software and Affected Versions: D-Link DIR-820L version 1.05b03

Description: The issue is related to the ping v4 and ping v6 functions in the D-Link DIR-820L router's firmware, which fails to properly sanitize data when handling the ping addr parameter. This can allow a remote attacker to execute arbitrary commands. The vulnerability is a remote code execution (RCE) issue that can be exploited via the ping addr parameter in the ping v4 and ping v6 functions.

Recommendations: For D-Link DIR-820L version 1.05b03, as a temporary workaround, consider disabling the ping v4 and ping v6 functions until a patch is available. Restrict access to the ping addr parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.