CVE-2023-37791

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 17, 2023

Updated: Jul 27, 2023

CWE ID 787

Summary

CVE-2023-37791 is a stack overflow vulnerability affecting the D-Link DIR-619L v2.04(TW) router. This issue is due to an incorrect handling of the curTime parameter in the /goform/formLogin endpoint. An attacker can exploit this flaw by sending specially crafted input to trigger a buffer overflow, potentially leading to remote code execution or a denial-of-service condition. Users of this device are advised to apply the latest firmware updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

D LINK SYSTEMS INC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r8c2pW
https://www.cve.org/CVERecord?id=CVE-2023-37791
https://nvd.nist.gov/vuln/detail/CVE-2023-37791

Back to Vulnerability Database

CVE-2023-37791

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations