CVE-2024-7832 (GCVE-0-2024-7832)

Vulnerability from cvelistv5 – Published: 2024-08-15 13:31 – Updated: 2024-08-16 15:09
VLAI?
Summary
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_get_fullscreen_photos of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument user leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.
Severity ?
8.7 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High)
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
D-Link DNS-120 Affected: 20240814
Create a notification for this product.
    D-Link DNR-202L Affected: 20240814
Create a notification for this product.
    D-Link DNS-315L Affected: 20240814
Create a notification for this product.
    D-Link DNS-320 Affected: 20240814
Create a notification for this product.
    D-Link DNS-320L Affected: 20240814
Create a notification for this product.
    D-Link DNS-320LW Affected: 20240814
Create a notification for this product.
    D-Link DNS-321 Affected: 20240814
Create a notification for this product.
    D-Link DNR-322L Affected: 20240814
Create a notification for this product.
    D-Link DNS-323 Affected: 20240814
Create a notification for this product.
    D-Link DNS-325 Affected: 20240814
Create a notification for this product.
    D-Link DNS-326 Affected: 20240814
Create a notification for this product.
    D-Link DNS-327L Affected: 20240814
Create a notification for this product.
    D-Link DNR-326 Affected: 20240814
Create a notification for this product.
    D-Link DNS-340L Affected: 20240814
Create a notification for this product.
    D-Link DNS-343 Affected: 20240814
Create a notification for this product.
    D-Link DNS-345 Affected: 20240814
Create a notification for this product.
    D-Link DNS-726-4 Affected: 20240814
Create a notification for this product.
    D-Link DNS-1100-4 Affected: 20240814
Create a notification for this product.
    D-Link DNS-1200-05 Affected: 20240814
Create a notification for this product.
    D-Link DNS-1550-04 Affected: 20240814
Create a notification for this product.
Credits
BuaaI0TTeam (VulDB User)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:dlink:dnr-202l_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dnr-322l_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dnr-326_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-1100-4_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-1200-05_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-120_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-1550-04_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-315l_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-320l_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-320lw_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-321_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-323_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-325_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-326_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-327l_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-340l_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-343_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-345_firmware:*:*:*:*:*:*:*:*",
              "cpe:2.3:o:dlink:dns-726-4_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "dns-726-4_firmware",
            "vendor": "dlink",
            "versions": [
              {
                "lessThanOrEqual": "20240814",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7832",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-16T15:03:59.160871Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-16T15:09:53.544Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DNS-120",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNR-202L",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-315L",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-320",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-320L",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-320LW",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-321",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNR-322L",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-323",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-325",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-326",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-327L",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNR-326",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-340L",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-343",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-345",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-726-4",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-1100-4",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-1200-05",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        },
        {
          "product": "DNS-1550-04",
          "vendor": "D-Link",
          "versions": [
            {
              "status": "affected",
              "version": "20240814"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "BuaaI0TTeam (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_get_fullscreen_photos of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument user leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 bis 20240814 gefunden. Sie wurde als kritisch eingestuft. Davon betroffen ist die Funktion cgi_get_fullscreen_photos der Datei /cgi-bin/photocenter_mgr.cgi. Mittels dem Manipulieren des Arguments user mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 9,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-15T16:01:19.900Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-274730 | D-Link DNS-1550-04 photocenter_mgr.cgi cgi_get_fullscreen_photos buffer overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.274730"
        },
        {
          "name": "VDB-274730 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.274730"
        },
        {
          "name": "Submit #390120 | D-Link DNS 320/320L/321/323/325/327L Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.390120"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_fullscreen_photos.md"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-15T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-08-15T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-08-15T18:05:49.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "D-Link DNS-1550-04 photocenter_mgr.cgi cgi_get_fullscreen_photos buffer overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-7832",
    "datePublished": "2024-08-15T13:31:04.175Z",
    "dateReserved": "2024-08-15T05:27:30.820Z",
    "dateUpdated": "2024-08-16T15:09:53.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-120_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C44BE2C6-BF3E-43C3-B32F-2DCE756F94BC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E161E54-2FE9-4359-9B2D-8700D00DE8E7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dnr-202l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96195649-172A-4C21-AA15-7B05F86C5CEC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07A92F2C-16FD-4A53-8066-83FEC2818DF5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-315l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8CFCD7B-EFFB-4FAB-9537-46AC7B567126\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03C5CED7-55A7-4026-95CD-A2ADB5853823\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4452F9A4-3A0A-4773-9818-04C94CF9F8E7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0F5355E-F68D-49FE-9793-1FD9BD9AF3E1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4599D769-0210-4D49-9896-9AD1376A037E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C677E53-6885-4EC4-A7CC-E24E8F445F59\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-320lw_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FE78C5B-2A98-47EE-BF67-CF58AFE50A37\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45467ABC-BAA9-4EB0-9F97-92E31854CA8B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-321_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC28053F-88A9-4CA1-A2A2-CC90FEEA68FC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A278BC9-6197-43D9-93C2-3DF760856FB7\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dnr-322l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD3AD5EE-8E1E-4336-A1AB-AB028CC71286\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DAF62A4-2429-4B89-8FAD-8B23EF15E050\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-323_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"641CB5F1-3DE0-480B-95A4-FC42A8FF3C97\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94ED678A-AB4C-4637-B0D8-C232A0BB5D5F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-325_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16954393-3449-438A-978C-265EE3A35FF8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8042169D-D9FA-4BD6-90D1-E0DE269E42B9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-326_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E6F048-D865-4378-87C7-B0E528134276\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D26F4F77-A6E3-4D7D-A781-BEB5FF7BC44F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-327l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"172D5EFF-E0DF-4A99-8499-71450A46A86C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB305B29-7F89-4A52-9ECF-3DB0BDD2350D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dnr-326_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"816E5F34-CE76-49E5-91F3-8CC84C561558\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33CB308B-CF82-4E40-B2DC-23EBD48CD130\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-340l_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39FF9666-8493-4A36-A199-1190AD8FAF3D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0646B20C-5642-4CEA-A96C-7E82AD94A281\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-343_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD656642-EDD4-4EB2-81AB-04207BC14196\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F968791D-D3BD-442C-818E-4E878B12776D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-345_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12C5E2D7-018E-4ED1-92C7-B5B1D8CC6990\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7E56821-7EA0-4CA1-BA17-7FD4ED9F794C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-726-4_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A74D270-9076-474D-A06F-C915FCEA2164\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75E5010F-21BA-4B6B-B00C-2688268FD67B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-1100-4_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CAFE1E3-B705-4CF1-AEB9-A474432B6D34\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5D08ED7-3E7F-4D30-890E-6535F6C34682\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-1200-05_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42DA6DEB-3578-44A5-916F-1628141F0DDE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D042C75D-6731-46B2-B11E-A009B9029B3F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dlink:dns-1550-04_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2C1EF70-AD9B-48D7-8DF6-A6416C517F12\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E691E775-382C-4BA9-AA44-FBC3148D3E54\"}]}]}]",
      "cveTags": "[{\"sourceIdentifier\": \"cna@vuldb.com\", \"tags\": [\"unsupported-when-assigned\"]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_get_fullscreen_photos of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument user leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.\"}, {\"lang\": \"es\", \"value\": \"** NO SOPORTADO CUANDO SE ASIGN\\u00d3 ** Se encontr\\u00f3 una vulnerabilidad en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323 , DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550 -04 hasta 20240814 y fue clasificada como cr\\u00edtica. La funci\\u00f3n cgi_get_fullscreen_photos del archivo /cgi-bin/photocenter_mgr.cgi es afectada por esta vulnerabilidad. La manipulaci\\u00f3n del argumento user provoca un desbordamiento de b\\u00faffer. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el mantenedor. NOTA: Se contact\\u00f3 al proveedor tempranamente y se confirm\\u00f3 que el producto ha llegado al final de su vida \\u00fatil. Deber\\u00eda retirarse y reemplazarse.\"}]",
      "id": "CVE-2024-7832",
      "lastModified": "2024-08-19T16:02:17.383",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}], \"cvssMetricV31\": [{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"cna@vuldb.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2024-08-15T14:15:14.210",
      "references": "[{\"url\": \"https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_fullscreen_photos.md\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://vuldb.com/?ctiid.274730\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://vuldb.com/?id.274730\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://vuldb.com/?submit.390120\", \"source\": \"cna@vuldb.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cna@vuldb.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"cna@vuldb.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-7832\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2024-08-15T14:15:14.210\",\"lastModified\":\"2024-08-19T16:02:17.383\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[{\"sourceIdentifier\":\"cna@vuldb.com\",\"tags\":[\"unsupported-when-assigned\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_get_fullscreen_photos of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument user leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.\"},{\"lang\":\"es\",\"value\":\"** NO SOPORTADO CUANDO SE ASIGN\u00d3 ** Se encontr\u00f3 una vulnerabilidad en D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323 , DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 y DNS-1550 -04 hasta 20240814 y fue clasificada como cr\u00edtica. La funci\u00f3n cgi_get_fullscreen_photos del archivo /cgi-bin/photocenter_mgr.cgi es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento user provoca un desbordamiento de b\u00faffer. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el mantenedor. NOTA: Se contact\u00f3 al proveedor tempranamente y se confirm\u00f3 que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-120_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C44BE2C6-BF3E-43C3-B32F-2DCE756F94BC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E161E54-2FE9-4359-9B2D-8700D00DE8E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dnr-202l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96195649-172A-4C21-AA15-7B05F86C5CEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dnr-202l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07A92F2C-16FD-4A53-8066-83FEC2818DF5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-315l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8CFCD7B-EFFB-4FAB-9537-46AC7B567126\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-315l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03C5CED7-55A7-4026-95CD-A2ADB5853823\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4452F9A4-3A0A-4773-9818-04C94CF9F8E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0F5355E-F68D-49FE-9793-1FD9BD9AF3E1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4599D769-0210-4D49-9896-9AD1376A037E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-320l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C677E53-6885-4EC4-A7CC-E24E8F445F59\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-320lw_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FE78C5B-2A98-47EE-BF67-CF58AFE50A37\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-320lw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45467ABC-BAA9-4EB0-9F97-92E31854CA8B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-321_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC28053F-88A9-4CA1-A2A2-CC90FEEA68FC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-321:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A278BC9-6197-43D9-93C2-3DF760856FB7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dnr-322l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD3AD5EE-8E1E-4336-A1AB-AB028CC71286\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dnr-322l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DAF62A4-2429-4B89-8FAD-8B23EF15E050\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-323_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641CB5F1-3DE0-480B-95A4-FC42A8FF3C97\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-323:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94ED678A-AB4C-4637-B0D8-C232A0BB5D5F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-325_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16954393-3449-438A-978C-265EE3A35FF8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-325:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8042169D-D9FA-4BD6-90D1-E0DE269E42B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-326_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E6F048-D865-4378-87C7-B0E528134276\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-326:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26F4F77-A6E3-4D7D-A781-BEB5FF7BC44F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-327l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"172D5EFF-E0DF-4A99-8499-71450A46A86C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-327l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB305B29-7F89-4A52-9ECF-3DB0BDD2350D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dnr-326_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"816E5F34-CE76-49E5-91F3-8CC84C561558\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dnr-326:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33CB308B-CF82-4E40-B2DC-23EBD48CD130\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-340l_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39FF9666-8493-4A36-A199-1190AD8FAF3D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-340l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0646B20C-5642-4CEA-A96C-7E82AD94A281\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-343_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD656642-EDD4-4EB2-81AB-04207BC14196\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-343:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F968791D-D3BD-442C-818E-4E878B12776D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-345_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12C5E2D7-018E-4ED1-92C7-B5B1D8CC6990\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E56821-7EA0-4CA1-BA17-7FD4ED9F794C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-726-4_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A74D270-9076-474D-A06F-C915FCEA2164\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-726-4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75E5010F-21BA-4B6B-B00C-2688268FD67B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-1100-4_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CAFE1E3-B705-4CF1-AEB9-A474432B6D34\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-1100-4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5D08ED7-3E7F-4D30-890E-6535F6C34682\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-1200-05_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42DA6DEB-3578-44A5-916F-1628141F0DDE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-1200-05:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D042C75D-6731-46B2-B11E-A009B9029B3F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dlink:dns-1550-04_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2C1EF70-AD9B-48D7-8DF6-A6416C517F12\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dlink:dns-1550-04:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E691E775-382C-4BA9-AA44-FBC3148D3E54\"}]}]}],\"references\":[{\"url\":\"https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_fullscreen_photos.md\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://vuldb.com/?ctiid.274730\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?id.274730\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?submit.390120\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"tags\": [\"unsupported-when-assigned\"], \"title\": \"D-Link DNS-1550-04 photocenter_mgr.cgi cgi_get_fullscreen_photos buffer overflow\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"BuaaI0TTeam (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 9, \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\"}}], \"affected\": [{\"vendor\": \"D-Link\", \"product\": \"DNS-120\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNR-202L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-315L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-320\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-320L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-320LW\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-321\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNR-322L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-323\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-325\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-326\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-327L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNR-326\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-340L\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-343\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-345\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-726-4\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-1100-4\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-1200-05\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}, {\"vendor\": \"D-Link\", \"product\": \"DNS-1550-04\", \"versions\": [{\"status\": \"affected\", \"version\": \"20240814\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-08-15T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2024-08-15T02:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2024-08-15T18:05:49.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.274730\", \"name\": \"VDB-274730 | D-Link DNS-1550-04 photocenter_mgr.cgi cgi_get_fullscreen_photos buffer overflow\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.274730\", \"name\": \"VDB-274730 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.390120\", \"name\": \"Submit #390120 | D-Link DNS 320/320L/321/323/325/327L Buffer Overflow\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_fullscreen_photos.md\", \"tags\": [\"exploit\"]}, {\"url\": \"https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383\", \"tags\": [\"related\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by this issue is the function cgi_get_fullscreen_photos of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument user leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced.\"}, {\"lang\": \"de\", \"value\": \"Eine Schwachstelle wurde in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 bis 20240814 gefunden. Sie wurde als kritisch eingestuft. Davon betroffen ist die Funktion cgi_get_fullscreen_photos der Datei /cgi-bin/photocenter_mgr.cgi. Mittels dem Manipulieren des Arguments user mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \\u00fcber das Netzwerk erfolgen. Der Exploit steht zur \\u00f6ffentlichen Verf\\u00fcgung.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2024-08-15T16:01:19.900Z\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-7832\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-16T15:03:59.160871Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:dlink:dnr-202l_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dnr-322l_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dnr-326_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-1100-4_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-1200-05_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-120_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-1550-04_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-315l_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-320l_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-320lw_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-321_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-323_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-325_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-326_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-327l_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-340l_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-343_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-345_firmware:*:*:*:*:*:*:*:*\", \"cpe:2.3:o:dlink:dns-726-4_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"dlink\", \"product\": \"dns-726-4_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"20240814\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"shortName\": \"CISA-ADP\", \"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"dateUpdated\": \"2024-08-16T15:09:45.935Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-7832\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-15T16:01:19.900Z\", \"dateReserved\": \"2024-08-15T05:27:30.820Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2024-08-15T13:31:04.175Z\", \"assignerShortName\": \"VulDB\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.