CVE-2024-9549

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 6, 2024
Updated: Oct 10, 2024
CWE ID 120

Summary

CVE-2024-9549 is a critical vulnerability affecting the D-Link DIR-605L router with firmware version 2.13B01 BETA, specifically in the Easy Setup Wizard functionality. The vulnerability arises from a buffer overflow due to improper handling of the curTime argument, which can be exploited remotely. Organizations using this device face significant risks as the exploit allows for high-level impacts on confidentiality, integrity, and availability. To remediate this issue, users are advised to update their firmware to a secure version provided by D-Link. Given its low attack complexity and high potential impact score of 8.8, immediate action is recommended to mitigate possible exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share