CVE-2024-10916 Information

Description

A vulnerability classified as problematic has been found in D-Link DNS-320 DNS-320LW DNS-325 and DNS-340L up to 20241028. This affects an unknown part of the file /xml/info.xml of the component HTTP GET Request Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Reference

https://vuldb.com/?id.283311 https://vuldb.com/?ctiid.283311 https://vuldb.com/?submit.432849 https://netsecfish.notion.site/Information-Disclosure-Vulnerability-Report-in-xml-info-xml-for-D-Link-NAS-12d6b683e67c8019a311e699582f51b6?pvs=4 https://www.dlink.com/