A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. This vulnerability affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 09 Oct 2024 11:45:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dir-619l Firmware
CPEs cpe:2.3:o:dlink:dir-619l_firmware:2.06b1:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dir-619l Firmware

Mon, 07 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared D-link
D-link dir-619l B1
CPEs cpe:2.3:h:d-link:dir-619l_b1:*:*:*:*:*:*:*:*
Vendors & Products D-link
D-link dir-619l B1
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 07 Oct 2024 13:15:00 +0000

Type Values Removed Values Added
Description A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. This vulnerability affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Title D-Link DIR-619L B1 formDeviceReboot buffer overflow
Weaknesses CWE-120
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2024-10-07T13:25:20.194Z

Reserved: 2024-10-07T06:19:48.194Z

Link: CVE-2024-9566

cve-icon Vulnrichment

Updated: 2024-10-07T13:25:12.764Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-07T13:15:16.077

Modified: 2024-10-09T11:15:10.977

Link: CVE-2024-9566

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.