CVE-2024-9535

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 5, 2024

Updated: Oct 9, 2024

CWE ID 120

Summary

CVE-2024-9535 is a critical vulnerability affecting the D-Link DIR-605L version 2.13B01 BETA, specifically in the formEasySetupWWConfig function located in the /goform/formEasySetupWWConfig file. The vulnerability can be exploited remotely through a buffer overflow caused by manipulating the curTime argument. This poses significant risks to organizations as it could lead to unauthorized access and compromise data integrity and confidentiality. To mitigate this risk, users are advised to update their devices with any available patches provided by D-Link. The exploit has been publicly disclosed, increasing the urgency for remediation efforts to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database