CVE-2024-9549
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-9549 is a critical vulnerability affecting the D-Link DIR-605L router with firmware version 2.13B01 BETA, specifically in the Easy Setup Wizard functionality. The vulnerability arises from a buffer overflow due to improper handling of the curTime argument, which can be exploited remotely. Organizations using this device face significant risks as the exploit allows for high-level impacts on confidentiality, integrity, and availability. To remediate this issue, users are advised to update their firmware to a secure version provided by D-Link. Given its low attack complexity and high potential impact score of 8.8, immediate action is recommended to mitigate possible exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.