CVE-2024-51186

HIGH EPSS 53.1%
Published Nov 11, 20241y ago · Modified Jun 17, 20261w ago
8.0 CVSS 3.1
High
Find Similar
Published Nov 11, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions.

CVSS Details

Base Score
8.0
Exploitability
2.1
Impact
5.9
Vector string
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Adjacent
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
53.1% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-77 Command Injection Injection

Affected Products 2

VendorProductVersionRange
dlinkdir-820l_firmware1.05b03any
dlinkdir-820l*any

References 4

  • github.com https://github.com/4hsien/CVE-vulns/blob/main/D-Link/DIR-820L/CI_ping_addr/README.md
    ExploitThird Party Advisory
  • legacy.us.dlink.com https://legacy.us.dlink.com/pages/product.aspx?id=00c2150966b046b58ba95d8ae3a8f73d
    Product
  • dlink.com https://www.dlink.com/en
    Product
  • dlink.com https://www.dlink.com/en/security-bulletin/
    Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.