

Multiple D-Link Products Vulnerabilities
November 28, 2024
FormBook Malware – Active IOCs
November 28, 2024
Multiple D-Link Products Vulnerabilities
November 28, 2024
FormBook Malware – Active IOCs
November 28, 2024Severity
Medium
Analysis Summary
CVE-2024-48712 CVSS:6.5
In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.
CVE-2024-48710 CVSS:6.5
In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.
CVE-2024-48713 CVSS:6.5
In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.
CVE-2024-48714 CVSS:6.5
In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.
Impact
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2024-48712
- CVE-2024-48710
- CVE-2024-48713
- CVE-2024-48714
Affected Vendors
Affected Products
- TP-Link TL-WDR7660 1.0
Remediation
Refer to TP-Link Security Advisory for patch, upgrade, or suggested workaround information.