CVE-2024-5292 | D-Link Network Assistant 4.0.0.21 DNACore Service uncontrolled search path (ZDI-24-443)

Inserito da Angelo Barbosa | Mag 24, 2024 | CVE

A vulnerability was found in D-Link Network Assistant 4.0.0.21 and classified as critical. Affected by this issue is some unknown functionality of the component DNACore Service. The manipulation leads to uncontrolled search path.

This vulnerability is handled as CVE-2024-5292. Attacking locally is a requirement. There is no exploit available.

CVE-2024-5292 | D-Link Network Assistant 4.0.0.21 DNACore Service uncontrolled search path (ZDI-24-443)

Post correlati

CVE-2024-41808 | openobserve up to 0.9.1 cross site scripting (GHSA-hx23-g7m8-h76j)

CVE-2024-45074 | IBM webMethods Integration 10.15 URL path traversal

CVE-2024-4095 | Collapse-O-Matic Plugin up to 1.8.5.8 on WordPress Shortcode cross site scripting

CVE-2023-6526 | Meta Box Plugin up to 5.9.2 on WordPress cross site scripting