Buffer Overflow Vulnerability in D-Link DIR-605L 2.13B01 BETA Router
CVE-2024-9514

8.8HIGH

Key Information:

Vendor: D-Link
Status: Dir-605l Firmware
Vendor: CVE Published:; 4 October 2024

What is CVE-2024-9514?

A vulnerability exists in the D-Link DIR-605L 2.13B01 BETA router that allows for remote exploitation through the formSetDomainFilter function. The manipulation of the curTime argument can lead to a buffer overflow, enabling an attacker to execute arbitrary commands or gain unauthorized access. The details of the exploit have been publicly disclosed, increasing the urgency for users to secure their devices and apply necessary mitigations.

References

https://vuldb.com/?id.279214

https://vuldb.com/?ctiid.279214

https://vuldb.com/?submit.413874

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2024