What is CVE-2024-33344?

CVE-2024-33344 is a vulnerability in N/a. Published 2024-04-26.

Is CVE-2024-33344 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-33344

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to execute arbitrary commands via shell.

EPSS: 0.537 (98.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores
fkie-cad/nvd-json-data-feeds

References

www.dlink.com.cn/techsupport/ProductInfo.aspx
github.com/n0wstr/IOTVuln/tree/main/DIR-822+/UploadFirmware

Frequently asked questions

What is CVE-2024-33344?: CVE-2024-33344 is a vulnerability in N/a. Published 2024-04-26.
Is CVE-2024-33344 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.