Exploitation Summary
EIP tracks 1 public exploit for CVE-2024-27619. PoCs published by ioprojecton.
AI-analyzed exploit summary: This repository documents a Denial of Service (DoS) vulnerability in D-Link DIR-3040 routers (firmware 1.20b03a hotfix) where an authenticated FTP user can fill the device's RAM by writing large files, causing a crash and reboot. The issue stems from improper memory management and lack of bounds checking in the FTP server configuration.
Description
D-Link DIR-3040US A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user with read/write access to the FTP server can write directly to RAM, causing a buffer overflow if the file or files uploaded are larger than the available RAM. The FTP server allows a change of directory to root, which is one level above the root of the USB flash directory. During upload, RAM fills up and causes system resource exhaustion (no free memory), which causes the system to crash and reboot.
References (3)
Scores
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H