CVE-2024-0717 - Vulnerability Details

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.28391.

Exploitation poc

Automatable yes

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

D-Link

DAP-1360

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-300

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-615

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-615GF

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-615S

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-615T

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-620

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-620S

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-806A

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-815

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-815AC

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-815S

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-816

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-820

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-822

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-825

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-825AC

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-825ACF

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-825ACG1

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-841

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-842

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-842S

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-843

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-853

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-878

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-882

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-1210

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-1260

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-2150

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-X1530

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DIR-X1860

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DSL-224

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DSL-245GR

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DSL-2640U

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DSL-2750U

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DSL-G2452GR

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DVG-5402G

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DVG-5402G

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DVG-5402GFRU

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DVG-N5402G

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DVG-N5402G-IL

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DWM-312W

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DWM-321

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DWR-921

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

DWR-953

affected

Version	Status	Constraints
`20240112`	affected	—

D-Link

Good Line Router v2

affected

Version	Status	Constraints
`20240112`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:dlink:dir-825acg1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-825acg1:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:dlink:dir-841_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-841:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:dlink:dir-1260_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-1260:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:dlink:dir-x1530_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-x1530:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:dlink:dir-825_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-825:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:dlink:dir-615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:dlink:dir-842_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-842:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:dlink:dir-853_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-853:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:dlink:dir-1210_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-1210:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:dlink:dir-806a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-806a:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:dlink:dir-815_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-815:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:dlink:dsl-245gr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dsl-245gr:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:dlink:dsl-g2452gr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dsl-g2452gr:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:dlink:dir-878_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:dlink:dir-825acf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-825acf:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:dlink:dir-615t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-615t:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:dlink:dir-300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-300:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:dlink:dir-842s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-842s:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:dlink:dir-815s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-815s:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:dlink:dsl-2640u_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dsl-2640u:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:dlink:dir-2150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-2150:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:dlink:dwr-921_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dwr-921:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:dlink:dir-615s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-615s:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:dlink:dir-620_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-620:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:dlink:dvg-5402g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dvg-5402g:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:dlink:dir-882_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:dlink:dwm-312w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dwm-312w:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:dlink:dir-815\/ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-815\/ac:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:dlink:dsl-224_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dsl-224:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:dlink:dwm-321_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dwm-321:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:dlink:dir-x1860_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-x1860:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:dlink:dap-1360_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:dlink:dir-820_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-820:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:dlink:dir-843_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-843:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:dlink:dvg-5402g\/gfru_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dvg-5402g\/gfru:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:dlink:dwr-953_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dwr-953:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:dlink:dvg-n5402g\/il_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dvg-n5402g\/il:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:dlink:dir-825ac_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-825ac:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:dlink:dir-620s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-620s:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:dlink:dvg-n5402g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dvg-n5402g:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:dlink:dsl-2750u_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dsl-2750u:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:dlink:dir-615gf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-615gf:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:dlink:dir-816_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-816:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Dlink Subscribe	Dap-1360 Subscribe Dap-1360 Firmware Subscribe Dir-1210 Subscribe Dir-1210 Firmware Subscribe Dir-1260 Subscribe Dir-1260 Firmware Subscribe Dir-2150 Subscribe Dir-2150 Firmware Subscribe Dir-300 Subscribe Dir-300 Firmware Subscribe Dir-615 Subscribe Dir-615 Firmware Subscribe Dir-615gf Subscribe Dir-615gf Firmware Subscribe Dir-615s Subscribe Dir-615s Firmware Subscribe Dir-615t Subscribe Dir-615t Firmware Subscribe Dir-620 Subscribe Dir-620 Firmware Subscribe Dir-620s Subscribe Dir-620s Firmware Subscribe Dir-806a Subscribe Dir-806a Firmware Subscribe Dir-815 Subscribe Dir-815\/ac Subscribe Dir-815\/ac Firmware Subscribe Dir-815 Firmware Subscribe Dir-815s Subscribe Dir-815s Firmware Subscribe Dir-816 Subscribe Dir-816 Firmware Subscribe Dir-820 Subscribe Dir-820 Firmware Subscribe Dir-822 Subscribe Dir-822 Firmware Subscribe Dir-825 Subscribe Dir-825 Firmware Subscribe Dir-825ac Subscribe Dir-825ac Firmware Subscribe Dir-825acf Subscribe Dir-825acf Firmware Subscribe Dir-825acg1 Subscribe Dir-825acg1 Firmware Subscribe Dir-841 Subscribe Dir-841 Firmware Subscribe Dir-842 Subscribe Dir-842 Firmware Subscribe Dir-842s Subscribe Dir-842s Firmware Subscribe Dir-843 Subscribe Dir-843 Firmware Subscribe Dir-853 Subscribe Dir-853 Firmware Subscribe Dir-878 Subscribe Dir-878 Firmware Subscribe Dir-882 Subscribe Dir-882 Firmware Subscribe Dir-x1530 Subscribe Dir-x1530 Firmware Subscribe Dir-x1860 Subscribe Dir-x1860 Firmware Subscribe Dsl-224 Subscribe Dsl-224 Firmware Subscribe Dsl-245gr Subscribe Dsl-245gr Firmware Subscribe Dsl-2640u Subscribe Dsl-2640u Firmware Subscribe Dsl-2750u Subscribe Dsl-2750u Firmware Subscribe Dsl-g2452gr Subscribe Dsl-g2452gr Firmware Subscribe Dvg-5402g Subscribe Dvg-5402g\/gfru Subscribe Dvg-5402g\/gfru Firmware Subscribe Dvg-5402g Firmware Subscribe Dvg-n5402g Subscribe Dvg-n5402g\/il Subscribe Dvg-n5402g\/il Firmware Subscribe Dvg-n5402g Firmware Subscribe Dwm-312w Subscribe Dwm-312w Firmware Subscribe Dwm-321 Subscribe Dwm-321 Firmware Subscribe Dwr-921 Subscribe Dwr-921 Firmware Subscribe Dwr-953 Subscribe Dwr-953 Firmware Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/999zzzzz/D-Link
https://vuldb.com/?ctiid.251542
https://vuldb.com/?id.251542

History

Fri, 30 May 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-01-19T15:31:04.290Z

Updated: 2025-05-30T14:26:30.162Z

Reserved: 2024-01-19T07:21:32.386Z

Link: CVE-2024-0717

Vulnrichment

Updated: 2024-08-01T18:11:35.784Z

NVD

Status : Modified

Published: 2024-01-19T16:15:11.190

Modified: 2024-11-21T08:47:12.370

Link: CVE-2024-0717

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Exploitation poc

Automatable yes

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object