CVE-2024-13105

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 2, 2025

CWE ID 284

CWE ID 266

Summary

CVE-2024-13105 is a critical vulnerability affecting the D-Link DIR-816 A2 1.10CNB05_R1B011D88210 model. This issue lies in the unknown functionality of the file /goform/form2Dhcpd.cgi within the DHCPD Setting Handler component. The manipulation of this functionality results in improper access controls. The vulnerability can be exploited remotely, and the attack method has been made public, posing a significant risk to affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

D-Link Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2FWn-v
https://www.cve.org/CVERecord?id=CVE-2024-13105
https://nvd.nist.gov/vuln/detail/CVE-2024-13105

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-13105

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations