Severity
High
Analysis Summary
CVE-2023-30309 CVSS:7.5
D-Link DI-7003GV2 routers are vulnerable to a denial of service, caused by a flaw in the NAT port preservation strategy and an insufficient reverse path validation strategy. By using side-channel attack techniques, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-6044 CVSS:6.5
Multiple D-Link wireless routers could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing directory traversal sequences to read arbitrary system files.
CVE-2024-37630 CVSS:8.8
D-Link DIR-605L contains a hardcoded password vulnerability in /etc/passwd. A remote attacker could exploit this vulnerability to log in as root and gain administrator privileges.
Impact
- Denial of Service
- Gain Access
Indicators of Compromise
CVE
- CVE-2023-30309
- CVE-2024-6044
- CVE-2024-37630
Affected Vendors
Affected Products
- D-Link G403 earlier
- D-Link G415 earlier
- D-Link G416 earlier
- D-Link M18 earlier
- D-Link DI-7003GV2
- D-Link DIR-605L 2.13B01
Remediation
Refer to the D-Link website for patch, upgrade, or suggested workaround information.