CVE-2024-9562
10/6/2024 11:15:00 PM
2 ماه قبل
2 ماه قبل
5
Reporter :cna@vuldb.com
Modified :10/6/2024 11:15:00 PM
Problem Data :CWE-120
Description
A vulnerability classified as critical was found in D-Link DIR-605L 2.13B01 BETA. This vulnerability affects the function formSetWizard1/formSetWizard2. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Cvss Version 3.1
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | High |
| Integrity Impact | High |
| Availability Impact | High |
Reference
| لینک | منبع | تگ ها |
|---|---|---|
| https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-605L/formSetWizard.md | Exploit Third Party Advisory | |
| https://vuldb.com/?ctiid.279370 | Permissions Required | |
| https://vuldb.com/?submit.413921 | Third Party Advisory | |
| https://vuldb.com/?id.279370 | Third Party Advisory | |
| https://www.dlink.com/ | Product |