June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
North Korean APT Kimsuky aka Black Banshee – Active IOCs
November 1, 2024
LiteSpeed Cache Plugin Vulnerability Puts WordPress Websites at Serious Risk
November 1, 2024
North Korean APT Kimsuky aka Black Banshee – Active IOCs
November 1, 2024
LiteSpeed Cache Plugin Vulnerability Puts WordPress Websites at Serious Risk
November 1, 2024
Severity
High
Analysis Summary
CVE-2024-9549 CVSS:8.8
A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-9535 CVSS:8.8
A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. Affected by this vulnerability is the function formEasySetupWWConfig of the file /goform/formEasySetupWWConfig. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Impact
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2024-9549
- CVE-2024-9535
Affected Vendors
D-Link
Affected Products
- D-Link DIR-605L - 2.13B01 BETA
Remediation
Refer to D-Link Security Advisory for patch, upgrade or suggested workaround information.
