CVE-2024-48630

D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command injection vulnerability via the MacAddress parameter in the SetMACFilters2 function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request.

CVSS

No CVSS.

References

Link	Resource
https://github.com/pjqwudi1/my_vuln/blob/main/D-link4/vuln_41/41.md	Broken Link
https://www.dlink.com/en/security-bulletin/	Product

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dlink:dir-882_firmware:1.30b06:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:dlink:dir-878_firmware:1.30b08:-:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*

History

07 May 2025, 16:07

Type	Values Removed	Values Added
First Time		Dlink dir-882 Dlink Dlink dir-882 Firmware Dlink dir-878 Firmware Dlink dir-878
CPE		cpe:2.3:h:dlink:dir-878:-:::::::* cpe:2.3:o:dlink:dir-878_firmware:1.30b08:-:::::: cpe:2.3:o:dlink:dir-882_firmware:1.30b06:::::::* cpe:2.3:h:dlink:dir-882:-:::::::*
References	~~() https://github.com/pjqwudi1/my_vuln/blob/main/D-link4/vuln_41/41.md -~~	() https://github.com/pjqwudi1/my_vuln/blob/main/D-link4/vuln_41/41.md - Broken Link
References	~~() https://www.dlink.com/en/security-bulletin/ -~~	() https://www.dlink.com/en/security-bulletin/ - Product

17 Oct 2024, 19:35

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-17 18:15

Updated : 2025-05-07 16:07

NVD link : CVE-2024-48630

Mitre link : CVE-2024-48630

JSON object : View

Products Affected

dlink

dir-882
dir-878_firmware
dir-878
dir-882_firmware

CWE

No CWE.

JSON object

Attach tags to CVE-2024-48630

Attach tags to `CVE-2024-48630`