CVE-2024-9784

A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dir-619l_firmware:2.06:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-619l:b1:*:*:*:*:*:*:*

History

16 Oct 2024, 14:12

Type Values Removed Values Added
CPE cpe:2.3:o:dlink:dir-619l_firmware:2.06:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-619l:b1:*:*:*:*:*:*:*
First Time Dlink dir-619l Firmware
Dlink
Dlink dir-619l
References () https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formResetStatistic.md - () https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formResetStatistic.md - Exploit
References () https://vuldb.com/?ctiid.279936 - () https://vuldb.com/?ctiid.279936 - Permissions Required
References () https://vuldb.com/?id.279936 - () https://vuldb.com/?id.279936 - Permissions Required
References () https://vuldb.com/?submit.414552 - () https://vuldb.com/?submit.414552 - Third Party Advisory
References () https://www.dlink.com/ - () https://www.dlink.com/ - Product
Summary
  • (es) Se ha encontrado una vulnerabilidad clasificada como crítica en D-Link DIR-619L B1 2.06. La función formResetStatistic del archivo /goform/formResetStatistic está afectada. La manipulación del argumento curTime provoca un desbordamiento del búfer. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado.

10 Oct 2024, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-10 12:15

Updated : 2024-10-16 14:12


NVD link : CVE-2024-9784

Mitre link : CVE-2024-9784

CVE.ORG link : CVE-2024-9784


JSON object : View

Products Affected

dlink

  • dir-619l_firmware
  • dir-619l
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')