PT-2024-3755 · D Link · D-Link Dir-619L Rev.B

Yubozhaoo +1 · Published 2024-05-10 · Updated 2024-08-08 · CVE-2024-33771

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DIR-619L Rev.B version 2.06B1

Description

A buffer overflow vulnerability exists in the /bin/boa component of the D-Link DIR-619L Rev.B router, reachable through the webpage parameter of the "goform/formWPS" endpoint. Remote authenticated users can exploit it to trigger a denial of service (DoS). The vulnerability is also associated with incorrect clearing or release of resources, which a remote attacker can exploit to cause a denial of service.

Recommendations

For D-Link DIR-619L Rev.B version 2.06B1, consider disabling access to the "goform/formWPS" endpoint as a temporary workaround until a patch is available. Restrict access to the /bin/boa component to minimize the risk of exploitation. Avoid using the webpage parameter in the affected endpoint until the issue is resolved.

Weakness Enumeration

Improper Resource Release
Buffer Overflow

Related Identifiers

BDU:2024-04101
CVE-2024-33771

Affected Products

D-Link Dir-619L Rev.B