CRITICAL🇵🇱 Wersja polska

CVE-2024-42812

CVSS 9.8v3.1pub. 2024-08-19upd. 2025-03-17

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 860l

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 860l Firmware

    OS
    Dlink
    2.0.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2018-6530CRITICAL9.8⚠ KEVten sam produkt

OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMW...

CVE-2024-41611CRITICAL9.8PL ✓ten sam produkt

D-Link DIR-860L: hardcoded credentials w usłudze Telnet umożliwiają RCE

CVE-2018-19987CRITICAL9.8ten sam produkt

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880...

CVE-2018-20114CRITICAL9.8ten sam produkt

On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command exec...

CVE-2025-9026MEDIUM5.5ten sam produkt

A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file...