CVE-2023-24762 Information

Description

OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to execute arbitrary commands via a crafted LocalIPAddress parameter for the SetVirtualServerSettings to HNAP1.

Reference

https://www.dlink.com/en/security-bulletin/ https://hackmd.io/@uuXne2y3RjOdpWM87fw6_A/HyPK04zho