| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2024-0769 | 21 Jan 2024 00:00 | – | attackerkb |
| The vulnerability in the hedwig.cgi script of D-Link DIR-859 router software allows a hacker to gain unauthorized access to protected information. | 24 Jan 2024 00:00 | – | bdu_fstec |
| CVE-2024-0769 | 20 Jan 2024 22:51 | – | circl |
| D-Link DIR-859 Router Path Traversal Vulnerability | 25 Jun 2025 00:00 | – | cisa_kev |
| CISA Adds Three Known Exploited Vulnerabilities to Catalog | 25 Jun 2025 12:00 | – | cisa |
| D-Link DIR-859 Path Traversal Vulnerability | 21 Jan 2024 00:00 | – | cnnvd |
| CVE-2024-0769 | 21 Jan 2024 08:00 | – | cve |
| CVE-2024-0769 D-Link DIR-859 HTTP POST Request hedwig.cgi path traversal | 21 Jan 2024 08:00 | – | cvelist |
| CVE-2024-0769 | 21 Jan 2024 08:15 | – | nvd |
| D-Link DIR-859 Multiple Vulnerabilities (2019 - 2024) | 26 Jun 2025 00:00 | – | openvas |

| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |

```
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(241294);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/07/04");

  script_cve_id("CVE-2024-0769");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2025/07/16");

  script_name(english:"DLink DIR-859 1.05 & 1.06B01 Path Traversal");

  script_set_attribute(attribute:"synopsis", value:
"A web application is affected by a path traversal vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of DLink installed on the remote host is prior to 1.07b03. It is, therefore, affected by
a path traversal vulnerability as referenced in the vendor advisory.
- A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this
issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler.
The manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/
DHCPS6.BRIDGE-1.xml leads to path traversal. The attack may be launched remotely. The exploit has been
disclosed to the public and may be used. VDB-251666 is the identifier assigned to this vulnerability.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should
be retired and replaced. (CVE-2024-0769)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10371
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3cd2c718");
  # https://github.com/c2dc/cve-reported/blob/main/CVE-2024-0769/CVE-2024-0769.md
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3f1b180c");
  script_set_attribute(attribute:"solution", value:
"See vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-0769");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/01/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/07/03");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:dlink:dir");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("dlink_dir_www_detect.nbin");
  script_require_keys("installed_sw/DLink DIR");

  exit(0);
}

# Version-based check: no request is sent to hedwig.cgi. The verdict relies on
# the model and firmware version recorded by the detection plugin.
include('vcf.inc');
include('vcf_extras.inc');

var app_info = vcf::combined_get_app_info(app:'DLink DIR');

# Per-model constraints: only DIR-859 firmware exactly equal to 1.06B01 is flagged.
var constraints = [
  { 'DIR-859':
    {'constraints': [
        {'equal' : '1.06B01', 'fixed_display' : 'See vendor advisory'}
      ]
    }
  }
];

var tmp = NULL;

if(!empty_or_null(app_info.model))
{
  for (var i=0; i<max_index(constraints); i++)
  {
    # Look up the constraints for the detected model; audit out when the model has none.
    tmp = constraints[i][app_info.model]['constraints'];
    if (!empty_or_null(tmp))
      vcf::check_version_and_report(app_info:app_info, constraints:tmp, severity:SECURITY_HOLE);
    else vcf::audit();
  }
}
else exit(0, 'DLink DIR device model not detected');
```