all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-24-442: (0Day) D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability

Add to bookmarks
May 14, 2024, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8.

0day arbitrary code attackers authentication code code execution command command injection cvss d-link exploit injection link network rating remote code remote code execution routers target vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-579: Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
apple apple macos arbitrary code attack +20
ZDI-24-578: Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
apple apple macos attackers cves +19
ZDI-24-582: SEW-EURODRIVE MOVITOOLS MotionStudio XML External Entity Processing Information Disclosure Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
cvss disclosure exploit external +13
ZDI-24-581: Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
attackers authentication authentication bypass azure +16
ZDI-24-580: Microsoft Artifact Registry Container Images Empty Password Authentication Bypass Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
artifact attackers authentication authentication bypass +14
ZDI-24-577: Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
access access control apex apex one +24
ZDI-24-576: Trend Micro Maximum Security coreServiceShell Link Following Local Privilege Escalation Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
attacker attackers code cvss +20
ZDI-24-575: Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
attacker attackers code cves +21
ZDI-24-574: Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability 4 days, 1 hour ago | www.zerodayinitiative.com
attackers authentication cross-site cve +19

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com