Lucene search

K
nvd[email protected]NVD:CVE-2024-9910
HistoryOct 13, 2024 - 3:15 p.m.

CVE-2024-9910

2024-10-1315:15:11
CWE-120
web.nvd.nist.gov
3
cve
d-link
buffer overflow

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

58.0%

A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Affected configurations

Nvd
Node
dlinkdir-619l_firmwareMatch2.06b1
AND
dlinkdir-619lMatchb1
VendorProductVersionCPE
dlinkdir-619l_firmware2.06b1cpe:2.3:o:dlink:dir-619l_firmware:2.06b1:*:*:*:*:*:*:*
dlinkdir-619lb1cpe:2.3:h:dlink:dir-619l:b1:*:*:*:*:*:*:*

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

58.0%

Related for NVD:CVE-2024-9910