Buffer Overflow Vulnerability in D-Link DIR-605L Router
CVE-2024-9564

8.8HIGH

Key Information:

Vendor: D-Link
Status: Dir-605l Firmware
Vendor: CVE Published:; 7 October 2024

What is CVE-2024-9564?

A serious buffer overflow vulnerability exists in the D-Link DIR-605L router, specifically linked to the formWlanWizardSetup function within the /goform/formWlanWizardSetup file. This vulnerability can be exploited remotely, allowing attackers to manipulate input arguments to execute unauthorized commands and potentially take control of the device. Security measures should be implemented immediately as the exploit details have been publicly disclosed, making affected systems vulnerable to attacks.

References

https://vuldb.com/?id.279372

https://vuldb.com/?ctiid.279372

https://vuldb.com/?submit.413923

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2024