A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 09 Oct 2024 11:45:00 +0000

Type Values Removed Values Added
First Time appeared Dlink dir-605l
CPEs cpe:2.3:h:dlink:dir-605l:-:*:*:*:*:*:*:*
Vendors & Products Dlink dir-605l

Mon, 07 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-605l Firmware
CPEs cpe:2.3:o:dlink:dir-605l_firmware:2.13b01:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-605l Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 05 Oct 2024 13:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Title D-Link DIR-605L formDeviceReboot buffer overflow
Weaknesses CWE-120
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2024-10-07T13:50:18.818Z

Reserved: 2024-10-04T17:26:50.528Z

Link: CVE-2024-9533

cve-icon Vulnrichment

Updated: 2024-10-07T13:48:16.086Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-05T13:15:17.040

Modified: 2024-10-09T11:18:34.560

Link: CVE-2024-9533

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.