CVE-2024-27662

Name of the Vulnerable Software and Affected Versions D-Link DIR-823G version A1V1.0.2B05

Description The issue is related to a function sub 4110f4() in the D-Link DIR-823G router's firmware, which contains errors in handling URL addresses with certain extensions, such as html, .asp, .php, or .Login. This can be exploited by a remote attacker to cause a Denial of Service (DoS) via crafted input. The vulnerability is due to null-pointer dereferences in the sub 4110f4() function.

Recommendations For D-Link DIR-823G version A1V1.0.2B05, as a temporary workaround, consider disabling the sub 4110f4() function until a patch is available. Restrict access to URLs with extensions that may trigger the vulnerability, such as html, .asp, .php, or .Login, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.