CVE-2024-4963 | D-Link DAR-7000-40 V31R02B1413C /url/url.php file_upload unrestricted upload (SAP10354)

A vulnerability, which was classified as critical, was found in D-Link DAR-7000-40 V31R02B1413C. This affects an unknown part of the file /url/url.php. The manipulation of the argument file_upload leads to unrestricted upload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2024-4963. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

It is recommended to replace the affected component with an alternative.

CVE-2024-4963 | D-Link DAR-7000-40 V31R02B1413C /url/url.php file_upload unrestricted upload (SAP10354)

Post correlati

CVE-2024-9867 | bdthemes Element Pack Elementor Addons Plugin up to 5.10.2 on WordPress Open Map Widget marker_content cross site scripting

CVE-2023-52086 | resumable.php up to 0.1.4 upload.php path traversal (Issue 34)

CVE-2023-6689 | EFACEC BCU 500 4.07 cross-site request forgery (icsa-23-353-02)

CVE-2023-5310 | Silabs Z-Wave SDK up to 7.20.3 Packet unusual condition