Analysis Summary

CVE-2024-9515 CVSS:8.8

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. This affects the function formSetQoS of the file /goform/formSetQoS. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9514 CVSS:8.8

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. This vulnerability affects the function formSetDomainFilter of the file /goform/formSetDomainFilter. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-9551 CVSS:8.8

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. Affected by this vulnerability is the function formSetWanL2TP of the file /goform/formSetWanL2TP. The manipulation of the argument webpage leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Impact

• Buffer Overflow

Indicators of Compromise

CVE

• CVE-2024-9515
• CVE-2024-9514
• CVE-2024-9551

Affected Vendors

Remediation

Refer to D-Link Website for patch, upgrade, or suggested workaround information.

CVE-2024-9515

CVE-2024-9514

CVE-2024-9551