CVE-2024-45694
CRITICALD-Link DIR-X5460 and DIR-X4860 Firmware - Unauthenticated Stack-based Buffer Overflow
Title source: llmDescription
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
References (2)
Core 2
Core References
Third Party Advisory third-party-advisory
https://www.twcert.org.tw/tw/cp-132-8080-7f494-1.html
Third Party Advisory third-party-advisory
https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html
Scores
CVSS v3
9.8
EPSS
0.0249
EPSS Percentile
85.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-121
Status
published
Products (6)
dlink/dir-x4860_firmware
1.00
dlink/dir-x4860_firmware
1.04
dlink/dir-x5460_firmware
1.01
dlink/dir-x5460_firmware
1.02
dlink/dir-x5460_firmware
1.04
dlink/dir-x5460_firmware
1.10
Published
Sep 16, 2024
Tracked Since
Feb 18, 2026