Multiple D-Link DIR-605L Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-9534 CVSS:8.8

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. Affected is the function formEasySetPassword of the file /goform/formEasySetPassword. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9533 CVSS:8.8

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Impact

Buffer Overflow

Indicators of Compromise

CVE

CVE-2024-9534
CVE-2024-9533

Affected Vendors

D-Link

Affected Products

D-Link DIR-605L - 2.13B01 BETA

Remediation

Refer to D-Link Website for patch, upgrade, or suggested workaround information.

CVE-2024-9534

CVE-2024-9533

CryptBot Trojan – Active IOCs

Mirai Botnet aka Katana – Active IOCs

Multiple D-Link DIR-605L Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan