A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/Backup_Server_commit.php. The manipulation of the argument host leads to os command injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is traded as CVE-2024-9004. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to replace the affected component with an alternative.