Multiple D-Link DIR-605L Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-9549 CVSS:8.8

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9535 CVSS:8.8

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. Affected by this vulnerability is the function formEasySetupWWConfig of the file /goform/formEasySetupWWConfig. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Impact

Buffer Overflow

Indicators of Compromise

CVE

CVE-2024-9549
CVE-2024-9535

Affected Vendors

D-Link

Affected Products

D-Link DIR-605L - 2.13B01 BETA

Remediation

Refer to D-Link Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-9549

CVE-2024-9535

North Korean APT Kimsuky aka Black Banshee – Active IOCs

LiteSpeed Cache Plugin Vulnerability Puts WordPress Websites at Serious Risk

Multiple D-Link DIR-605L Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan