Description
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the IPAddress parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.
Published: 2024-10-17
Score: 8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.02116}

 epss

{'score': 0.01787}

Wed, 07 May 2025 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Dlink dir-878
Dlink dir-882
CPEs cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-878_firmware:1.30b08:-:*:*:*:*:*:*
Vendors & Products Dlink dir-878
Dlink dir-882

Thu, 17 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-878 Firmware
Dlink dir-882 Firmware
Weaknesses CWE-78
CPEs cpe:2.3:o:dlink:dir-878_firmware:1.30b08:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-882_firmware:1.30b06:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-878 Firmware
Dlink dir-882 Firmware
Metrics cvssV3_1

{'score': 8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 17 Oct 2024 17:30:00 +0000

Type Values Removed Values Added
Description D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the IPAddress parameter in the SetGuestZoneRouterSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.
References

Subscriptions

Dlink Dir-878 Dir-878 Firmware Dir-882 Dir-882 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-10-17T19:04:39.518Z

Reserved: 2024-10-08T00:00:00.000Z

Link: CVE-2024-48629

cve-icon Vulnrichment

Updated: 2024-10-17T19:03:02.452Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-17T18:15:08.210

Modified: 2025-05-07T16:07:03.510

Link: CVE-2024-48629

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses