Multiple D-Link Products Vulnerabilities

November 28, 2024

FormBook Malware – Active IOCs

November 28, 2024

Multiple TP-Link TL-WDR7660 Vulnerabilities

November 28, 2024

Severity

Medium

Analysis Summary

CVE-2024-48712 CVSS:6.5

In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

CVE-2024-48710 CVSS:6.5

In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

CVE-2024-48713 CVSS:6.5

In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

CVE-2024-48714 CVSS:6.5

In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

Impact

Buffer Overflow

Indicators of Compromise

CVE

CVE-2024-48712
CVE-2024-48710
CVE-2024-48713
CVE-2024-48714

Affected Vendors

TP-Link

Affected Products

TP-Link TL-WDR7660 1.0

Remediation

Refer to TP-Link Security Advisory for patch, upgrade, or suggested workaround information.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Multiple D-Link Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple D-Link Products Vulnerabilities

FormBook Malware – Active IOCs

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation