CVE-2024-33773

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L Rev.B version 2.06B1

Description: A buffer overflow issue in the /bin/boa binary via the formWlanGuestSetup function allows remote authenticated users to trigger a denial of service (DoS) through the webpage parameter. This vulnerability is related to a buffer overflow operation in the memory of the D-Link DIR-619L router's firmware.

Recommendations: For D-Link DIR-619L Rev.B version 2.06B1, consider restricting access to the formWlanGuestSetup function and the webpage parameter in the /bin/boa binary to minimize the risk of exploitation. As a temporary workaround, avoid using the webpage parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2024-04100

CVE-2024-33773

Affected Products

D-Link Dir-619L

CVE-2024-33773

Weakness Enumeration

Related Identifiers

Affected Products

References · 5