CVE-2024-6525: D-Link DAR-7000 decodmail.php deserialization
First published: Fri Jul 05 2024(Updated: )
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270368. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Dlink Dar-7000 Firmware | <=2023-09-22 | |
| Dlink Dar-7000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- agent/severity
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/epss
- collector/epss-latest
- source/FIRST
- agent/source
- vendor/dlink
- canonical/dlink dar-7000 firmware
- version/dlink dar-7000 firmware/2023-09-22
- canonical/dlink dar-7000