PT-2025-12358 · D Link · D-Link Dsl-3788
Published 2025-01-27 · Updated 2026-01-20 · CVE-2024-57440
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
D-Link DSL-3788 revA1 version 1.01R1B036 EU EN
Description
The issue is a buffer overflow that can be triggered through the COMM MAKECustomMsg function of the webproc cgi. This function is part of the web procedure, and exploiting it leads to a buffer overflow.
Recommendations
For D-Link DSL-3788 revA1 version 1.01R1B036 EU EN, as a temporary workaround, consider disabling the COMM MAKECustomMsg function until a patch is available. Restrict access to the webproc cgi to minimize the risk of exploitation.
Fix
Stack Overflow
Weakness Enumeration
Related Identifiers
Affected Products
D-Link Dsl-3788