CVE-2024-13030: D-Link DIR-823G Web Management Interface HNAP1 SetVirtualServerSettings access control
First published: Mon Dec 30 2024(Updated: )
A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-823G Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-13030?
CVE-2024-13030 has been rated as critical.
What devices are affected by CVE-2024-13030?
CVE-2024-13030 affects the D-Link DIR-823G device.
How do I fix CVE-2024-13030?
To fix CVE-2024-13030, update your D-Link DIR-823G firmware to the latest version.
What functions are vulnerable in CVE-2024-13030?
CVE-2024-13030 impacts the SetAutoRebootSettings, SetClientInfo, SetDMZSettings, SetFirewallSettings, SetParentsControlInfo, SetQoSSettings, and SetVirtualServerSettings functions.
Is CVE-2024-13030 remotely exploitable?
Yes, CVE-2024-13030 can potentially be exploited remotely due to its nature.
- agent/title
- agent/references
- agent/weakness
- agent/first-publish-date
- agent/type
- agent/description
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/d-link
- canonical/d-link dir-823g firmware