CVE-2024-10915

HIGH EXPLOITED NUCLEI

Dlink Dns-320 Firmware - Command Injection

Title source: rule

Description

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgi_user_add of the file /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. The manipulation of the argument group leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.

Exploits (1)

nomisec WORKING POC

by r0otk3r · remote

https://github.com/r0otk3r/CVE-2024-10915

View Code ZIP pw:eip

Nuclei Templates (1)

D-Link NAS - Command Injection via Group Parameter

CRITICALVERIFIEDby s4e-io

Shodan: http.html:"sharecenter"

FOFA: body="sharecenter"

References (5)

[Exploit, Third Party Advisory] https://netsecfish.notion.site/Command-Injection-Vulnerability-in-group-parameter-for-D-Link-NAS-12d6b683e67c803fa1a0c0d236c9a4c5?pvs=4

[Third Party Advisory, VDB Entry] https://vuldb.com/?ctiid.283310

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.283310

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.432848

[Product] https://www.dlink.com/

Scores

CVSS v3 8.1

EPSS 0.9406

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-11-26

CWE

CWE-78 CWE-74 CWE-707

Status published

Products (4)

dlink/dns-320_firmware

dlink/dns-320lw_firmware

dlink/dns-325_firmware

dlink/dns-340l_firmware

Published Nov 06, 2024

Tracked Since Feb 18, 2026