CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7833 – D-Link DI-8100 upgrade_filter.asp upgrade_filter_asp command injection
https://notcve.org/view.php?id=CVE-2024-7833
A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects the function upgrade_filter_asp of the file upgrade_filter.asp. The manipulation of the argument path leads to command injection. It is possible to initiate the attack remotely. • https://github.com/aLtEr6/pdf/blob/main/3.pdf https://vuldb.com/?ctiid.274731 https://vuldb.com/?id.274731 https://vuldb.com/?submit.385338 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7436 – D-Link DI-8100 msp_info.htm msp_info_htm command injection
https://notcve.org/view.php?id=CVE-2024-7436
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This issue affects the function msp_info_htm of the file msp_info.htm. The manipulation of the argument cmd leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/aLtEr6/pdf/blob/main/2.pdf https://vuldb.com/?ctiid.273521 https://vuldb.com/?id.273521 https://vuldb.com/?submit.370591 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •