[GYATT]

Greetings & Salutations, Breachforums community.

Today I am bringing to the table a 'Critical Command Injection Vulnerability in D-Link NAS Devices'

Description:

CVE-2024-10914 is a critical command injection vulnerability affecting legacy D-Link Network Attached Storage (NAS) devices. This flaw, with a CVSS score of 9.2, allows unauthenticated attackers to execute arbitrary shell commands by exploiting improper input validation in the cgi_user_add command.  The vulnerability can be triggered remotely using a specially crafted HTTP GET request, making it highly exploitable.


Link to checker on Github, reply below to get access if you are an un-upgraded member.

Hidden Content

You must register or login to view this content.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Threatening forum members

[result]

Nice thanks i hope we will see you more

[Alpha7777]

Checking this as wel

[erik666]

Checking this as wel !!!

[viloxitor]

nice one fam, hope this works

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.

[viceCoolMan]

This should be good, I cant wait to view the code!

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.

[darkpheonix]

Thanks for the poc

[rojhack]

Nice thanks i hope we will see you more

[frankbomb]

I want to exploit the vulnerability script

[Meanjellybean]

Checking it out. Also banned for threatening members hahaha wow broo