Directory Traversal Vulnerability in D-Link DAP-1650 Firmware
CVE-2024-40505

Currently unrated

Key Information:

Vendor: D-Link
Status: Dap-1650 Firmware
Vendor: CVE Published:; 16 July 2024

What is CVE-2024-40505?

A directory traversal vulnerability exists in the D-Link DAP-1650, specifically in the firmware version 1.03, which allows local attackers to manipulate file paths through the hedwig.cgi component. This exploitation can lead to unauthorized access and privilege escalation, posing a serious risk to the integrity and confidentiality of the device. It is crucial for users to be aware of this vulnerability and apply the necessary updates or mitigations to protect their systems from potential unauthorized actions.

References

https://supportannouncement.us.dlink.com/security/publica...

https://coldwx.github.io/CVE-2024-40505.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 16, 2024