PoC-CVE-2024-10914
by GYATT - Saturday November 16, 2024 at 08:59 PM
#11
Yeah, looking awesome! If it works

#12
[quote="GYATT" pid='928360' dateline='1731790795']
Greetings and salutations, Breachforums community.

Today I am bringing to the table a 'critical command injection vulnerability in D-Link NAS devices'

Description:

CVE-2024-10914 is a critical command injection vulnerability affecting D-Link network-attached storage (NAS) devices. This flaw, with a CVSS score of 9.2, allows unauthenticated attackers to execute arbitrary shell commands by exploiting improper input validation in the cgi_user_add command. The vulnerability can be triggered remotely using a specially crafted HTTP GET request, making it highly exploitable.


Link to checker on Github, reply below to get access if you are an un-upgraded member.

[/quote]
yokis

#13
I am very curious about what exactly this would be. Thank you!
#14
Thanks, pity we won't be getting more.
#15
Pretty new, let's see how it works
#16
(Nov 16, 2024, 08:59 PM)GYATT Wrote: Greetings & Salutations, Breachforums community.

Today I am bringing to the table a 'Critical Command Injection Vulnerability in D-Link NAS Devices'

Description:

CVE-2024-10914 is a critical command injection vulnerability affecting legacy D-Link Network Attached Storage (NAS) devices. This flaw, with a CVSS score of 9.2, allows unauthenticated attackers to execute arbitrary shell commands by exploiting improper input validation in the cgi_user_add command. The vulnerability can be triggered remotely using a specially crafted HTTP GET request, making it highly exploitable.


Link to checker on Github, reply below to get access if you are an un-upgraded member.

Thank you brother
#17
Nice, thanks, I hope we will see you more
#18
Thanks for sharing
#19
Thanks! This sounds interesting.
#20
Checking it out. Nice exploit, thx
