Multiple Critical Vulnerabilities Discovered in D-Link D-View 8
D-Link, in collaboration with the Zero Day Initiative, has issued a critical security advisory covering four newly discovered vulnerabilities in D-View 8, its network monitoring and management software. The flaws, tracked as CVE-2024-5296, CVE-2024-5297, CVE-2024-5298 and CVE-2024-5299, range from high to critical severity (CVSS 8.5 to 9.6) and could allow attackers to bypass authentication and execute arbitrary code remotely on affected systems.
- CVE-2024-5296 (CVSS 9.6) – Authentication Bypass
This critical vulnerability allows remote attackers to bypass authentication on affected installations. The issue lies in the TokenUtils class, which relies on a hard-coded cryptographic key; because the key is the same in every installation, an attacker who extracts it from the software can bypass authentication. No authentication is required to exploit this vulnerability, which makes it particularly dangerous: on its own it grants access, and it removes the authentication prerequisite of the three code-execution flaws below.
- CVE-2024-5297 (CVSS 8.8) – Remote Code Execution
This vulnerability is found in the executeWmicCmd method, which fails to validate a user-supplied string before passing it to a system call. Exploiting this flaw allows an attacker to execute arbitrary code with root privileges. Authentication is required, but that requirement can be met by chaining with CVE-2024-5296.
- CVE-2024-5298 (CVSS 8.5) – Remote Code Execution
Located in the queryDeviceCustomMonitorResult method, this vulnerability exposes a dangerous method to remote callers, allowing an attacker to execute code with root privileges. Like CVE-2024-5297, it requires authentication, which can be obtained through CVE-2024-5296.
- CVE-2024-5299 (CVSS 8.8) – Remote Code Execution
This vulnerability exists in the execMonitorScript method, again because a dangerous method is exposed to callers. An attacker can leverage it to execute code as root. Exploitation requires authentication, which can be bypassed using CVE-2024-5296.
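The two flaw classes the advisory describes, a token check that trusts a hard-coded key and a system command built from an unvalidated string, are shown below, each beside a hardened form, and then chained the way the advisory says CVE-2024-5296 enables CVE-2024-5297. This is an added example, not D-Link's code: the token format, the key value, the hostname allow-list and the command are assumptions chosen for illustration, and `echo` stands in for the real management tool so the injection is visible on any host.

```python
"""Added example (not D-Link code): hard-coded-key token forgery and shell
command injection, each with a hardened counterpart. Token format, key,
regex and commands are assumptions; 'echo' stands in for the real tool."""
import base64
import hashlib
import hmac
import json
import re
import secrets
import subprocess
import time

# --- CVE-2024-5296 pattern: tokens verified against a key baked into the code ---

# Constructed stand-in for a compiled-in key. The real key is not on the page.
HARDCODED_KEY = b"example-hard-coded-key-do-not-ship"


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_token(claims, key):
    """HMAC-SHA256 over a base64url JSON body (hypothetical format, not D-View's)."""
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    mac = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(mac)


def verify_token(token, key):
    """Return the claims if the MAC is valid under `key` and the token is unexpired, else None."""
    if "." not in token:
        return None
    body, mac = token.split(".", 1)
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(mac)):
        return None
    claims = json.loads(_unb64(body))
    if claims.get("exp", 0) < time.time():
        return None
    return claims


class VulnerableTokenUtils:
    """Every installation verifies against the same compiled-in key, so anyone
    who extracts it from the shipped software can mint a token that passes."""

    def verify(self, token):
        return verify_token(token, HARDCODED_KEY)


class HardenedTokenUtils:
    """Key generated per installation (or loaded from a secret store), never in source."""

    def __init__(self, key=None):
        self.key = key or secrets.token_bytes(32)

    def issue(self, user, role, ttl=3600):
        return sign_token({"sub": user, "role": role, "exp": time.time() + ttl}, self.key)

    def verify(self, token):
        return verify_token(token, self.key)


def forge_admin_token(leaked_key):
    """What an unauthenticated attacker does once the key is recovered from the binary."""
    return sign_token({"sub": "attacker", "role": "admin", "exp": time.time() + 3600}, leaked_key)


# --- CVE-2024-5297 pattern: user-supplied string concatenated into a system command ---

# Allow-list for the one argument the command needs: hostnames and IPv4 literals only.
HOST_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")


def is_valid_host(host):
    return HOST_RE.fullmatch(host) is not None


def run_vulnerable(host):
    """Mirrors the described flaw: the string reaches a shell unvalidated."""
    return subprocess.run("echo querying " + host, shell=True,
                          capture_output=True, text=True).stdout


def run_hardened(host):
    """Validate against the allow-list, then pass an argv list with no shell at all."""
    if not is_valid_host(host):
        raise ValueError("rejected host argument: %r" % host)
    return subprocess.run(["echo", "querying", host],
                          capture_output=True, text=True).stdout


if __name__ == "__main__":
    forged = forge_admin_token(HARDCODED_KEY)
    print("vulnerable accepts forged token:", VulnerableTokenUtils().verify(forged))
    print("hardened accepts forged token:  ", HardenedTokenUtils().verify(forged))
    print(run_vulnerable("10.0.0.1; echo INJECTED"), end="")
    try:
        run_hardened("10.0.0.1; echo INJECTED")
    except ValueError as exc:
        print("hardened:", exc)
```

Run as a script: the vulnerable verifier returns the forged admin claims, the hardened one returns None, and the injected `; echo INJECTED` executes under `shell=True` but is rejected by the allow-list before any process is spawned. The two fixes are independent: rotating the key to a per-installation secret closes the bypass, and validating the argument plus dropping the shell closes the injection even for callers that are legitimately authenticated.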
While there are no reports of these vulnerabilities being exploited in the wild, D-Link strongly urges all users to update D-View 8 to version 2.0.3.88 immediately. That release addresses all four vulnerabilities. Because the authentication bypass needs no credentials, any D-View 8 interface reachable by an attacker is at risk of full compromise; restricting access to the management interface to trusted networks limits exposure until the update is applied.