CVE-2024-9565

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 7, 2024
Updated: Oct 8, 2024
CWE ID 120

Summary

CVE-2024-9565 is a critical vulnerability affecting the D-Link DIR-605L 2.13B01 BETA, specifically within the formSetPassword function of the /goform/formSetPassword file. This vulnerability allows for remote exploitation through buffer overflow by manipulating the curTime argument, posing significant risks to an organization's confidentiality, integrity, and availability. The CVSS score for this vulnerability is 8.8, indicating high severity with low privileges required for exploitation and no user interaction needed. Organizations are advised to implement remediation measures as soon as possible to mitigate potential attacks stemming from this vulnerability. Further details can be found in resources such as D-Link's official site and various third-party advisories.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share