Advisory No: TZCERT/SA/2024/07/26-4
Date of First Release: 26th July 2024
Source: D-Link
Software Affected: DIR-823X – Firmware v240126
Overview:
The affected firmware version of the D-Link DIR-823X is vulnerable to a remote command execution vulnerability. An attacker can leverage the vulnerability to take control of the affected device.
Description:
DIR-823X Hardware Revision Ax, Firmware version 240126 is affected by a LAN-side authenticated remote command execution vulnerability resulting from improper handling of the ntp_zone_val field in the CGI request for /goform/set_ntp by the web server. An authenticated attacker on the LAN can craft a malicious ntp_zone_val field and send a malicious HTTP request to the /goform/set_ntp CGI, leading to command execution with administrator privileges on the firmware file system.
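As an added illustration (not part of the advisory or D-Link's code), the following Python checker shows how a LAN monitor or proxy could flag requests to /goform/set_ntp whose ntp_zone_val does not match a strict allow-list. The accepted time-zone format (e.g. "UTC+3"), the ntp_server parameter name and the host address are assumptions for the example; the sample requests are constructed, not captured traffic.

```python
import re
from urllib.parse import parse_qs

# Assumed allow-list for a time-zone offset such as "UTC+3" or "GMT-5:30".
# The exact format the DIR-823X firmware accepts is not given in the advisory.
ZONE_VAL_RE = re.compile(r"^(UTC|GMT)[+-]\d{1,2}(:\d{2})?$")
# Characters that have no place in a time-zone value and suggest injection.
SHELL_META = set(";|&`$()<>\n\r{}")


def parse_request(raw: str):
    """Split a raw HTTP request into (method, path, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line = head.split("\r\n", 1)[0]
    method, path, _version = request_line.split(" ", 2)
    return method, path, body


def check_set_ntp(raw: str) -> dict:
    """Classify one request: ignore, ok, missing, or alert with a reason."""
    method, path, body = parse_request(raw)
    if path.split("?")[0] != "/goform/set_ntp":
        return {"relevant": False, "value": None, "verdict": "ignore"}
    params = parse_qs(body, keep_blank_values=True)
    value = params.get("ntp_zone_val", [None])[0]
    if value is None:
        return {"relevant": True, "value": None, "verdict": "missing"}
    if ZONE_VAL_RE.match(value):
        return {"relevant": True, "value": value, "verdict": "ok"}
    reason = "shell-metacharacter" if set(value) & SHELL_META else "unexpected-format"
    return {"relevant": True, "value": value, "verdict": "alert:" + reason}


# Constructed sample requests (placeholder host, assumed ntp_server parameter).
BENIGN = ("POST /goform/set_ntp HTTP/1.1\r\nHost: 192.168.0.1\r\n"
          "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
          "ntp_server=pool.ntp.org&ntp_zone_val=UTC%2B3")
SUSPECT = ("POST /goform/set_ntp HTTP/1.1\r\nHost: 192.168.0.1\r\n"
           "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
           "ntp_server=pool.ntp.org&ntp_zone_val=UTC%2B3%3Bx")
OTHER = "GET /index.html HTTP/1.1\r\nHost: 192.168.0.1\r\n\r\n"

if __name__ == "__main__":
    for req in (BENIGN, SUSPECT, OTHER):
        print(check_set_ntp(req))
```

The same allow-list check, applied server-side before the value reaches any shell, is the shape of fix the hotfix must provide.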
Impact:
Successful exploitation of this vulnerability may allow an attacker to take control of the affected device.
Solution:
D-Link has released a hotfix for this vulnerability. Users and administrators are encouraged to apply necessary updates.
References: