July 5, 2024
Severity
High
Analysis Summary
CVE-2024-5296 CVSS:9.8
D-Link D-View could allow a remote attacker to bypass security restrictions, caused by the use of a hard-coded cryptographic key in the TokenUtils class. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication on the system.
CVE-2024-5294 CVSS:4.3
D-Link DIR-3040 Routers are vulnerable to a denial of service, caused by a memory leak in the handling of HNAP requests made to the lighttpd webserver listening on ports 80 and 443. By sending specially crafted HNAP requests, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-34950 CVSS:8.8
D-Link DIR-822+ is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the SetNetworkTomographySettings module. By sending a specially crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system.
Impact
- Security Bypass
- Denial of Service
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-5296
- CVE-2024-5294
- CVE-2024-34950
Affected Vendors
- D-Link
Affected Products
- D-Link D-View
- D-Link DIR-822+ 1.0.5
- D-Link DIR-3040
Remediation
Upgrade the affected D-Link products to the latest version, available from the D-Link website.