Buffer Overflow Vulnerability in D-Link DIR-619L B1 Routers
CVE-2024-9569

8.8HIGH

Key Information:

Vendor: D-Link
Status: Dir-619l Firmware
Vendor: CVE Published:; 7 October 2024

Summary

A buffer overflow vulnerability exists in the D-Link DIR-619L B1 router related to the formEasySetPassword function. This flaw occurs due to improper handling of the curTime parameter within the /goform/formEasySetPassword file, potentially allowing attackers to exploit this vulnerability remotely. The disclosure of this exploit raises serious concerns for device security, as it exposes users to unauthorized access and possible system compromise.

References

https://vuldb.com/?id.279463

https://vuldb.com/?ctiid.279463

https://vuldb.com/?submit.414547

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 7, 2024