CVE-2024-9569

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 7, 2024
Updated: Oct 9, 2024
CWE ID 120

Summary

CVE-2024-9569 is a critical vulnerability affecting the D-Link DIR-619L B1 model version 2.06, specifically within the formEasySetPassword function located in the /goform/formEasySetPassword file. This vulnerability allows for a buffer overflow due to improper manipulation of the curTime argument, which can be exploited remotely with low complexity and no user interaction required. The potential impact includes high risks to confidentiality, integrity, and availability, with a CVSS score of 8.8 indicating significant severity. To remediate this vulnerability, organizations should update their D-Link DIR-619L devices to the latest firmware provided by the manufacturer. Public disclosure of this exploit raises concerns about possible attacks on affected systems if not addressed promptly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share