Buffer Overflow Vulnerability Affects D-Link Routers
CVE-2024-45695

9.8CRITICAL

Key Information:

Vendor: D-link
Status: Dir-x4860 A1
Vendor: CVE Published:; 16 September 2024

What is CVE-2024-45695?

The web service of specific D-Link wireless router models is susceptible to a Stack-based Buffer Overflow vulnerability. This security flaw enables unauthenticated remote attackers to exploit the weakness to execute arbitrary code on the affected devices. Successful exploitation could lead to unauthorized access and compromise the integrity of the network. Users and administrators are strongly advised to apply security patches and maintain the latest firmware updates to protect against potential attacks targeting this vulnerability.

Affected Version(s)

DIR-X4860 A1 1.00

DIR-X4860 A1 1.04

References

https://www.twcert.org.tw/tw/cp-132-8082-f1687-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-8083-a299e-2.html

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024
Vulnerability Reserved
Sep 5, 2024

D-link

What is CVE-2024-45695?

Affected Version(s)

References

CVSS V3.1

Timeline