Remote Denial of Service Vulnerability in D-Link DAP-1520

CVE-2024-36831

Currently unrated 🤨

Key Information

Vendor: D-Link
Vendor: CVE Published:; 17 December 2024

Summary

CVE-2024-36831 is a critical vulnerability in D-Link's DAP-1520 device, specifically found in the plugins_call_handle_uri_clean function. This weakness allows unauthenticated attackers to exploit a NULL pointer dereference, leading to a remote Denial of Service (DoS). An attacker can trigger this vulnerability by sending specially crafted HTTP requests, which may result in the device becoming unresponsive. Users of the affected firmware version are strongly advised to apply security patches and monitor for unusual traffic to mitigate potential exploits.

Refferences

https://www.dlink.com/en/security-bulletin/

https://www.dlink.com/en

https://supportannouncement.us.dlink.com/security/publica...

https://docs.google.com/document/d/15CVb7XHIgtfeW1W1pLZJW...

Timeline

Vulnerability published
Dec 17, 2024
Vulnerability Reserved
May 30, 2024

Collectors

NVD DatabaseMitre Database