CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9569 – D-Link DIR-619L B1 formEasySetPassword buffer overflow
https://notcve.org/view.php?id=CVE-2024-9569
A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formEasySetPassword of the file /goform/formEasySetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formEasySetPassword.md https://vuldb.com/?ctiid.279463 https://vuldb.com/?id.279463 https://vuldb.com/?submit.414547 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9568 – D-Link DIR-619L B1 formAdvNetwork buffer overflow
https://notcve.org/view.php?id=CVE-2024-9568
A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formAdvNetwork of the file /goform/formAdvNetwork. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formAdvNetwork.md https://vuldb.com/?ctiid.279462 https://vuldb.com/?id.279462 https://vuldb.com/?submit.414545 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9567 – D-Link DIR-619L B1 formAdvFirewall buffer overflow
https://notcve.org/view.php?id=CVE-2024-9567
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. This issue affects the function formAdvFirewall of the file /goform/formAdvFirewall. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279461 https://vuldb.com/?ctiid.279461 https://vuldb.com/?submit.414544 https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formAdvFirewall.md https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9566 – D-Link DIR-619L B1 formDeviceReboot buffer overflow
https://notcve.org/view.php?id=CVE-2024-9566
A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. This vulnerability affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formDeviceReboot.md https://vuldb.com/?ctiid.279460 https://vuldb.com/?id.279460 https://vuldb.com/?submit.414541 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45698 – D-Link WiFi router - OS Command Injection
https://notcve.org/view.php?id=CVE-2024-45698
Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device. • https://www.twcert.org.tw/tw/cp-132-8090-bf06b-1.html https://www.twcert.org.tw/en/cp-139-8091-bcd52-2.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •