CVE-2024-51186

HIGH

D-Link DIR-820L 1.05b03 - Remote Code Execution via ping_addr Parameter

Title source: llm

Description

D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via the ping_addr parameter in the ping_v4 and ping_v6 functions.

References (4)

Core 4

Core References

Exploit, Third Party Advisory

https://github.com/4hsien/CVE-vulns/blob/main/D-Link/DIR-820L/CI_ping_addr/README.md

View Exploit ZIP pw:eip

Product

https://legacy.us.dlink.com/pages/product.aspx?id=00c2150966b046b58ba95d8ae3a8f73d

Product

https://www.dlink.com/en

Product

https://www.dlink.com/en/security-bulletin/

Scores

CVSS v3 8.0

EPSS 0.0130

EPSS Percentile 80.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-77

Status published

Products (1)

dlink/dir-820l_firmware 1.05b03

Published Nov 11, 2024

Tracked Since Feb 18, 2026