
Multiple D-Link DIR-619L B1 Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-9786 CVSS:8.8

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. Affected by this issue is the function formSetLog of the file /goform/formSetLog. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9785 CVSS:8.8

A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formSetDDNS of the file /goform/formSetDDNS. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9784 CVSS:8.8

A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9783 CVSS:8.8

A vulnerability was found in D-Link DIR-619L B1 2.06. It has been rated as critical. This issue affects the function formLogDnsquery of the file /goform/formLogDnsquery. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9782 CVSS:8.8

A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formEasySetupWWConfig of the file /goform/formEasySetupWWConfig. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
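All five entries share one pattern: a `curTime` argument sent to a `/goform/` handler. The following detection sketch is an added example, not code from the advisory or from D-Link; it flags captured requests to those handlers whose `curTime` looks abnormal. The length threshold and the expectation that a normal `curTime` is a short numeric value are assumptions, and the sample records are constructed.

```python
from urllib.parse import urlsplit, parse_qsl

# Handlers named in the five CVE entries above.
AFFECTED_PATHS = {
    "/goform/formSetLog",
    "/goform/formSetDDNS",
    "/goform/formResetStatistic",
    "/goform/formLogDnsquery",
    "/goform/formEasySetupWWConfig",
}

# Assumption: a legitimate curTime is a short run of digits. Tune per device.
MAX_CURTIME_LEN = 32


def check_request(url, body=""):
    """Return a list of findings for one captured request to the router."""
    parts = urlsplit(url)
    path = parts.path.rstrip("/")
    if path not in AFFECTED_PATHS:
        return []
    findings = []
    # curTime may arrive in the query string or in a form-encoded body.
    params = parse_qsl(parts.query, keep_blank_values=True)
    params += parse_qsl(body, keep_blank_values=True)
    for name, value in params:
        if name != "curTime":
            continue
        if len(value) > MAX_CURTIME_LEN:
            findings.append(f"{path}: curTime length {len(value)} exceeds {MAX_CURTIME_LEN}")
        elif not value.isdigit():
            findings.append(f"{path}: curTime is not numeric")
    return findings


# Constructed sample records (url, body); not taken from real traffic.
SAMPLES = [
    ("/goform/formSetLog", "curTime=1728633600"),
    ("/goform/formSetDDNS", "curTime=" + "A" * 600),
    ("/goform/formResetStatistic?curTime=12ab", ""),
    ("/index.asp", "curTime=" + "A" * 600),
]


def scan(samples=SAMPLES):
    """Run check_request over (url, body) records and collect all findings."""
    return [f for url, body in samples for f in check_request(url, body)]


if __name__ == "__main__":
    for finding in scan():
        print(finding)
```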

Impact

  • Buffer Overflow

Indicators of Compromise

CVE

  • CVE-2024-9786
  • CVE-2024-9785
  • CVE-2024-9784
  • CVE-2024-9783
  • CVE-2024-9782

Affected Vendors

D-Link

Affected Products

  • D-Link DIR-619L B1 - 2.06

Remediation

Refer to the D-Link website for patch, upgrade, or suggested workaround information.
