CVE-2024-13102: D-Link DIR-816 A2 DDNS Service access control
First published: Thu Jan 02 2025(Updated: )
A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-816 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-13102?
CVE-2024-13102 is classified as a critical vulnerability.
What components are affected by CVE-2024-13102?
CVE-2024-13102 affects the DDNS Service component of the D-Link DIR-816 A2 router.
How can an attacker exploit CVE-2024-13102?
An attacker can exploit CVE-2024-13102 by remotely manipulating improper access controls in the DDNS service.
Is there a known fix for CVE-2024-13102?
Currently, there is no specific publicly available fix for CVE-2024-13102.
What steps should be taken to mitigate CVE-2024-13102?
To mitigate CVE-2024-13102, consider disabling the DDNS feature or restricting access to the router's management interface.
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/d-link
- canonical/d-link dir-816