Buffer Overflow Vulnerability in D-Link DIR-619L Router
CVE-2024-9786

8.8HIGH

Key Information:

Vendor: D-link
Status: Dir-619l B1
Vendor: CVE Published:; 10 October 2024

Badges

👾 Exploit Exists

What is CVE-2024-9786?

A serious buffer overflow vulnerability exists in the D-Link DIR-619L B1 router, specifically within the formSetLog function found in the /goform/formSetLog file. This issue arises from improper handling of the 'curTime' argument, which can lead to a buffer overflow condition. An attacker can exploit this vulnerability remotely, potentially leading to unauthorized access or control over the device. Given that this exploit has been publicly disclosed, it poses an urgent security risk to users of this router. It is recommended that users immediately apply the latest firmware updates to mitigate this vulnerability.

Affected Version(s)

DIR-619L B1 2.06

References

https://vuldb.com/?id.279938

vdb-entrytechnical-description

https://vuldb.com/?ctiid.279938

signaturepermissions-required

https://vuldb.com/?submit.414554

third-party-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 10, 2024
Vulnerability published
Oct 10, 2024
Vulnerability Reserved
Oct 10, 2024

Credit

wxhwxhwxh_tutu (VulDB User)

D-link

Badges

What is CVE-2024-9786?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit