CVE-2024-9558

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 6, 2024
Updated: Oct 8, 2024
CWE ID 120

Summary

CVE-2024-9558 is a critical vulnerability affecting the D-Link DIR-605L router version 2.13B01 BETA, specifically in the function formSetWanPPTP, which can be exploited remotely through a buffer overflow caused by improper handling of input arguments. The vulnerability allows attackers to compromise the confidentiality, integrity, and availability of affected systems, with a CVSS base score of 8.8 indicating high severity. Remediation efforts should focus on updating the affected firmware to mitigate this risk. Organizations utilizing this model are at significant risk if they do not address this vulnerability promptly, as it may lead to unauthorized access and potential data breaches. For further details and updates regarding this vulnerability, D-Link's official site and various third-party advisories can be consulted.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share