
Test ID: 1.3.6.1.4.1.25623.1.0.171267
Category: Web application abuses
Title: D-Link DIR-600 Multiple Vulnerabilities (2023-2024)
Summary: D-Link DIR-600 devices are prone to multiple vulnerabilities.
Description:
Summary:
D-Link DIR-600 devices are prone to multiple
vulnerabilities.

Vulnerability Insight:
The following flaws exist:

- CVE-2023-33625: Command injection in ssdp.cgi binary

- CVE-2023-33626: Stack overflow via the gena.cgi binary

- CVE-2024-7357: OS command injection in the function soapcgi_main of the file /soap.cgi

Affected Software/OS:
D-Link DIR-600 devices in all versions.

Solution:
No solution was made available by the vendor. General solution
options are to upgrade to a newer release, disable the respective features, remove the product, or
replace the product with another one.

Note: The vendor states that the DIR-600 reached its End-of-Support Date on 01.12.2010, that it is no longer
supported, and that firmware development has ceased. See the vendor advisory for further
recommendations.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2023-33625
https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/cmd%20injection/README.md
https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/cmd%20injection
https://hackmd.io/@naihsin/By2datZD2
https://www.dlink.com/en/security-bulletin/
Common Vulnerability Exposure (CVE) ID: CVE-2023-33626
https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/overflow/README.md
https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/overflow
Common Vulnerability Exposure (CVE) ID: CVE-2024-7357
Copyright: Copyright (C) 2025 Greenbone AG





© 1998-2025 E-Soft Inc. All rights reserved.