CVE-2024-33113

EUVD-2024-30858
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php.
Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA-ADPADP
5.3 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Affected Products (NVD)
VendorProductVersion
dlinkdir-845l_firmware
𝑥
≤ 1.01krb03
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/yj94/Yj_learning/blob/main/Week16/D-LINK-POC.md
https://github.com/yj94/Yj_learning/blob/main/Week16/D-LINK-POC.md