Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-3rhw-32pj-8927

Опубликовано: 06 окт. 2024
Источник: github
Github: Не прошло ревью
CVSS4: 8.7
CVSS3: 8.8

Описание

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Ссылки

EPSS

Процентиль: 58%
0.00368
Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

CVE-2024-9549

Дефекты

CWE-120

Связанные уязвимости

nvd логотип

CVE-2024-9549

CVSS3: 8.8
nvd
больше 1 года назад

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

fstec логотип

BDU:2024-08588

CVSS3: 8.8
fstec
больше 1 года назад

Уязвимость функции formEasySetupWizard() и formEasySetupWizard2() (/goform/formEasySetupWizard) микропрограммного обеспечения маршрутизаторов D-Link DIR-605L, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 58%
0.00368
Низкий

8.7 High

CVSS4

8.8 High

CVSS3

CVE ID

CVE-2024-9549

Дефекты

CWE-120