Vulnerabilities

CVE-2024-23625

by Fred · 26/01/2024

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE messages. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root.

More information : https://blog.exodusintel.com/2024/01/25/d-link-dap-1650-subscribe-callback-command-injection-vulnerability/

Similar

Tags: Cybersecurity Alert