CVE-2024-9782

HIGH

D-Link DIR-619L B1 2.06 - Buffer Overflow via formEasySetupWWConfig curTime Parameter

Title source: llm
STIX 2.1

Description

A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formEasySetupWWConfig of the file /goform/formEasySetupWWConfig. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

References (5)

Core 5
Core References
Third Party Advisory vdb-entry technical-description
https://vuldb.com/?id.279934
Permissions Required signature permissions-required
https://vuldb.com/?ctiid.279934
Third Party Advisory third-party-advisory
https://vuldb.com/?submit.414549
Product product
https://www.dlink.com/

Scores

CVSS v3 8.8
EPSS 0.0107
EPSS Percentile 61.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-120
Status published
Products (1)
dlink/dir-619l_firmware 2.06
Published Oct 10, 2024
Tracked Since Feb 18, 2026