CVE-2024-4963 | D-Link DAR-7000-40 V31R02B1413C /url/url.php file_upload unrestricted upload (SAP10354)

A vulnerability, which was classified as critical, was found in D-Link DAR-7000-40 V31R02B1413C. This affects an unknown part of the file /url/url.php. The manipulation of the argument file_upload leads to unrestricted upload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2024-4963. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

It is recommended to replace the affected component with an alternative.

CVE-2024-4963 | D-Link DAR-7000-40 V31R02B1413C /url/url.php file_upload unrestricted upload (SAP10354)

Post correlati

CVE-2024-1789 | WP SMTP Plugin 1.2/1.2.6 on WordPress sql injection

CVE-2023-51198 | OSRF ROS2 Foxy Fitzroy access control

CVE-2024-2126 | ThemeIsle Orbit Fox Widget up to 2.10.32 on WordPress Registration Form Widget cross site scripting

CVE-2024-20254 | Cisco TelePresence Video Communication Server Expressway cross-site request forgery (cisco-sa-expressway-csrf-KnnZDMj3)