CVE-2024-9909

13 Oct 2024

Jose Alexis Correa Valencia
0 Comentarios

Título es

CVE-2024-9909

Dom, 13/10/2024 – 14:15

Tipo

CWE-120

Gravedad v2.0

9.00

Gravedad 2.0 Txt

HIGH

Título en

CVE-2024-9909

Descripción en

A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formSetMuti of the file /goform/formSetMuti. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

13/10/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vector CVSS:2.0

AV:N/AC:L/Au:S/C:C/I:C/A:C

Gravedad 3.1 (CVSS 3.1 Base Score)

8.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formSetMuti.md

https://vuldb.com/?ctiid_280237=