June 26, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
CISA Alerts Users of Threat Actors Using F5 BIG-IP Cookies for Network Surveillance
October 11, 2024SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs
October 11, 2024CISA Alerts Users of Threat Actors Using F5 BIG-IP Cookies for Network Surveillance
October 11, 2024SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs
October 11, 2024
Severity
High
Analysis Summary
CVE-2024-9786 CVSS:8.8
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. Affected by this issue is the function formSetLog of the file /goform/formSetLog. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-9785 CVSS:8.8
A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formSetDDNS of the file /goform/formSetDDNS. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-9784 CVSS:8.8
A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-9783 CVSS:8.8
A vulnerability was found in D-Link DIR-619L B1 2.06. It has been rated as critical. This issue affects the function formLogDnsquery of the file /goform/formLogDnsquery. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-9782 CVSS:8.8
A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formEasySetupWWConfig of the file /goform/formEasySetupWWConfig. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Impact
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2024-9786
- CVE-2024-9785
- CVE-2024-9784
- CVE-2024-9783
- CVE-2024-9782
Affected Vendors
D-Link
Affected Products
- D-Link DIR-619L B1 - 2.06
Remediation
Refer to D-Link Website for patch, upgrade, or suggested workaround information.