Key Information

Vulnerability Name: D-Link DNS-1550-04 up to 20240814 /cgi-bin/hd_config.cgi cgi_FMT_R12R5_2nd_DiskMGR f_source_dev command injection

Affected Products: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814

CVSS Meta Temp Score: 6.0

Current Vulnerability Price: $0-$5k

CTI Interest Score: 1.75

Vulnerability Description: This vulnerability exists in the D-Link products listed above (up to 20240814). It affects the function cgi_FMT_R12R5_2nd_DiskMGR in the file /cgi-bin/hd_config.cgi. Manipulating the f_source_dev parameter with unknown input triggers a command injection vulnerability. In CWE terms the issue is CWE-77: the product constructs commands using external, untrusted input without neutralizing, or while incorrectly neutralizing, special elements that could alter the command passed to a downstream component.

Impact: The vulnerability affects confidentiality, integrity, and availability.

CVE ID: CVE-2024-8212

Vulnerability Identification: The vulnerability is identified as CVE-2024-8212. Exploitation is known to be easy. Attacks can be initiated remotely. Technical details and publicly known exploits are available. The MITRE ATT&CK framework describes this issue using the technique T1202.

Disclosure Status: The vulnerability has been publicly disclosed, and it has been confirmed that the affected product has reached end-of-life. It is recommended to retire and replace the product.