CVE-2024-9564

Summary

CVE-2024-9564 is a critical vulnerability affecting the D-Link DIR-605L 2.13B01 BETA router, specifically in the formWlanWizardSetup function of the /goform/formWlanWizardSetup file. This vulnerability allows for a buffer overflow exploit by manipulating the argument webpage, enabling remote attacks without requiring user interaction. The risk level is assessed as high due to its potential impact on confidentiality, integrity, and availability, with an overall CVSS score of 8.8. Organizations using the affected product should implement remediation steps provided by D-Link or consider upgrading their devices to mitigate this risk. Exploitation of this vulnerability could lead to significant security breaches within an organization’s network.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.