CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-9532 – D-Link DIR-605L formAdvanceSetup buffer overflow
https://notcve.org/view.php?id=CVE-2024-9532
05 Oct 2024 — A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This vulnerability affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279238 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-9515 – D-Link DIR-605L formSetQoS buffer overflow
https://notcve.org/view.php?id=CVE-2024-9515
04 Oct 2024 — A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. This affects the function formSetQoS of the file /goform/formSetQoS. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. • https://github.com/noahze01/IoT-vulnerable/blob/main/D-Link/DIR-605L/formSetQoS.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-9514 – D-Link DIR-605L formSetDomainFilter buffer overflow
https://notcve.org/view.php?id=CVE-2024-9514
04 Oct 2024 — A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. This vulnerability affects the function formSetDomainFilter of the file /goform/formSetDomainFilter. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. • https://github.com/noahze01/IoT-vulnerable/blob/main/D-Link/DIR-605L/formSetDomainFilter.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37630
https://notcve.org/view.php?id=CVE-2024-37630
13 Jun 2024 — D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc/passwd, which allows attackers to log in as root. Se descubrió que D-Link DIR-605L v2.13B01 contiene una vulnerabilidad de contraseña codificada en /etc/passwd, que permite a los atacantes iniciar sesión como root. • https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/D-link/DIR-605L/README.md • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-19318
https://notcve.org/view.php?id=CVE-2020-19318
11 Sep 2023 — Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program. Vulnerabilidad de Desbordamiento de Búfer en D-Link DIR-605L, versión de hardware AX, versión de firmware 1.17beta e inferior, permite a atacantes autorizados ejecutar código arbitrario mediante el envío de datos manipulados al programa de servicio del servidor web. • https://github.com/hhhhu8045759/dir_605L-stack-overflow/blob/master/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-29961
https://notcve.org/view.php?id=CVE-2023-29961
16 May 2023 — D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup, • https://github.com/Archerber/bug_submit/blob/main/D-Link/dir605l.md • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-24344
https://notcve.org/view.php?id=CVE-2023-24344
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 5%CPEs: 2EXPL: 1CVE-2023-24343
https://notcve.org/view.php?id=CVE-2023-24343
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-24345
https://notcve.org/view.php?id=CVE-2023-24345
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/03 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 1CVE-2023-24346
https://notcve.org/view.php?id=CVE-2023-24346
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •