CVE-2024-36831
MEDIUMD-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX - DoS via NULL Pointer Dereference
Title source: llmDescription
A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request without authentication.
References (4)
Core 4
Core References
Permissions Required
https://docs.google.com/document/d/15CVb7XHIgtfeW1W1pLZJWvlBMYN1rtr75vqZqf1v3Eo/edit?usp=sharing
Product
https://www.dlink.com/en
Scores
CVSS v3
5.3
EPSS
0.0031
EPSS Percentile
54.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-476
Status
published
Products (1)
dlink/dap-1520_firmware
1.10b04 beta02
Published
Dec 17, 2024
Tracked Since
Feb 18, 2026