Lucene search
TwcertVULNRICHMENT:CVE-2024-6044HistoryJun 17, 2024 - 2:30 a.m.
CVE-2024-6044 D-Link router - Arbitrary File Reading
2024-06-1702:30:04
CWE-22
twcert
github.com
4
d-link
router
path traversal
vulnerability
unauthenticated
attackers
local area network
arbitrary file reading
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.9%
Certain models of D-Link wireless routers have a path traversal vulnerability. Unauthenticated attackers on the same local area network can read arbitrary system files by manipulating the URL.
CNA Affected
[
{
"vendor": "D-Link",
"product": "G403",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "G415",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "G416",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "M18",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "R03",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "R04",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "R12",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "R18",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "E30",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.02",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "M30",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.02",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "M32",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.02",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "M60",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.02",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "R32",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.10.02",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "E15",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.20.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "D-Link",
"product": "R15",
"versions": [
{
"status": "affected",
"version": "earlier",
"lessThan": "1.20.01",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2024-6044
2024-06-17 03:15:09
cve
cve
CVE-2024-6044
2024-06-17 03:15:09
cvelist
cvelist
CVE-2024-6044 D-Link router - Arbitrary File Reading
2024-06-17 02:30:04
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.9%
Related for VULNRICHMENT:CVE-2024-6044