CVE-2024-9911

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 13, 2024
Updated: Oct 15, 2024
CWE ID 120

Summary

CVE-2024-9911 is a critical vulnerability affecting the D-Link DIR-619L B1 version 2.06, which allows for remote exploitation due to a buffer overflow in the function formSetPortTr. The issue arises from improper handling of the argument curTime, potentially leading to significant impacts on confidentiality, integrity, and availability. Organizations utilizing this product are at risk of unauthorized access and control over their devices, as the exploit requires low privileges and no user interaction. To remediate this vulnerability, it is recommended that affected users apply any available firmware updates from D-Link or implement network-based protections to mitigate exposure. The vulnerability has been publicly disclosed, increasing the urgency for organizations to address it promptly.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share