CVE-2024-57045

CRITICAL NUCLEI

D-Link DIR-859 <A3 1.05 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-57045. PoCs published by spicy-bear. A Nuclei detection template is also available.

AI-analyzed exploit summary The repository contains functional exploit code for CVE-2024-57045, targeting a vulnerability in a web application's `getcfg.php` endpoint. The exploit sends a crafted POST request to leak device information, demonstrating an information disclosure vulnerability.

Description

A vulnerability in the D-Link DIR-859 router with firmware version A3 1.05 and earlier permits unauthorized individuals to bypass the authentication. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page.

Exploits (1)

github WORKING POC
by spicy-bear · pythonpoc
https://github.com/spicy-bear/cve_exploits/tree/main/cve-2024-57045.py

The repository contains functional exploit code for CVE-2024-57045, targeting a vulnerability in a web application's `getcfg.php` endpoint. The exploit sends a crafted POST request to leak device information, demonstrating an information disclosure vulnerability.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Unknown (likely a network device or web application with `getcfg.php` endpoint)
No auth needed
Prerequisites: Network access to the target · Target service running on port 80 (default)
devstral-2 · analyzed Feb 27, 2026 Full analysis →

Nuclei Templates (1)

D-Link DIR-859 - Information Disclosure
CRITICALVERIFIEDby ritikchaddha
Shodan: title:"D-Link"
FOFA: title="D-Link"

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.3226
EPSS Percentile 98.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-287
Status published
Products (1)
dlink/dir-859_a3_firmware < 1.05
Published Feb 18, 2025
Tracked Since Feb 18, 2026