Stack Overflow Vulnerability in D-Link N300 WI-FI Router
CVE-2023-24344

8.8HIGH

Key Information:

Vendor: D-Link
Status: Dir-605l Firmware
Vendor: CVE Published:; 10 February 2023

What is CVE-2023-24344?

The D-Link N300 WI-FI Router DIR-605L v2.13B01 is susceptible to a stack overflow vulnerability that can be exploited through the 'webpage' parameter in the /goform/formWlanGuestSetup endpoint. Attackers may leverage this flaw to execute arbitrary code or launch denial-of-service attacks, compromising the integrity and availability of the network environment. Users are advised to update their firmware to mitigate potential exploitation.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-6...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2023
Vulnerability Reserved
Jan 23, 2023