CVE-2024-0717

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability.
References
Link Resource
https://github.com/999zzzzz/D-Link Exploit Third Party Advisory
https://vuldb.com/?ctiid.251542 Third Party Advisory
https://vuldb.com/?id.251542 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dir-825acg1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825acg1:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dlink:dir-841_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-841:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dlink:dir-1260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-1260:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dlink:dir-x1530_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-x1530:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dlink:dir-825_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:dlink:dir-615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:dlink:dir-842_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-842:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:dlink:dir-853_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-853:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:dlink:dir-1210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-1210:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:dlink:dir-806a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-806a:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:dlink:dir-815_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-815:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:dlink:dsl-245gr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-245gr:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:dlink:dsl-g2452gr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-g2452gr:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:dlink:dir-878_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:dlink:dir-825acf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825acf:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:dlink:dir-615t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615t:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:dlink:dir-300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-300:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:dlink:dir-842s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-842s:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:dlink:dir-815s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-815s:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:dlink:dsl-2640u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-2640u:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:dlink:dir-2150_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-2150:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:dlink:dwr-921_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwr-921:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:dlink:dir-615s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615s:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:dlink:dir-620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-620:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:dlink:dvg-5402g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-5402g:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:dlink:dir-882_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:dlink:dwm-312w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwm-312w:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:dlink:dir-815\/ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-815\/ac:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:dlink:dsl-224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-224:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:dlink:dwm-321_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwm-321:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:dlink:dir-x1860_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-x1860:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:dlink:dap-1360_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:dlink:dir-820_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-820:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:dlink:dir-843_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-843:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:dlink:dvg-5402g\/gfru_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-5402g\/gfru:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:dlink:dwr-953_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwr-953:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:dlink:dvg-n5402g\/il_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-n5402g\/il:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:dlink:dir-825ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825ac:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:dlink:dir-620s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-620s:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:dlink:dvg-n5402g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-n5402g:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:dlink:dsl-2750u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-2750u:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:dlink:dir-615gf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615gf:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND
cpe:2.3:o:dlink:dir-816_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-816:-:*:*:*:*:*:*:*

History

25 Jan 2024, 22:18

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CWE CWE-200 NVD-CWE-noinfo
References () https://vuldb.com/?id.251542 - () https://vuldb.com/?id.251542 - Third Party Advisory
References () https://vuldb.com/?ctiid.251542 - () https://vuldb.com/?ctiid.251542 - Third Party Advisory
References () https://github.com/999zzzzz/D-Link - () https://github.com/999zzzzz/D-Link - Exploit, Third Party Advisory
CPE cpe:2.3:h:dlink:dwr-921:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-853:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl-2750u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-878:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-300:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-815s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-825acg1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dvg-5402g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-x1530_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dwm-312w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-878_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-x1860:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-842s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-620s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-x1860_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-620s:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-822_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-882:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-842_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-1210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dwr-921_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825ac:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl-g2452gr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-615gf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-842s:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl-224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-853_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-815:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-825ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-816_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-5402g:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl-2640u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-5402g\/gfru:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dvg-n5402g\/il_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-822:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825acg1:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-x1530:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-g2452gr:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615gf:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615t:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-1260:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-841:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-843:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwm-312w:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-841_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dwm-321_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-n5402g:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-245gr:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dap-1360:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-815_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-820:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwm-321:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-620:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-815\/ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dwr-953:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615s:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-806a:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-2750u:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-2640u:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-843_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-842:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-n5402g\/il:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-815\/ac:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-2150_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl-245gr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-816:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dap-1360_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-815s:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-620_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-2150:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-806a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-224:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-1260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dwr-953_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dvg-5402g\/gfru_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-825acf:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-825acf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-1210:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dvg-n5402g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-882_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-825_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-615s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-615t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-820_firmware:*:*:*:*:*:*:*:*

19 Jan 2024, 18:48

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-19 16:15

Updated : 2024-05-17 02:34


NVD link : CVE-2024-0717

Mitre link : CVE-2024-0717

CVE.ORG link : CVE-2024-0717


JSON object : View

Products Affected

dlink

  • dir-2150
  • dvg-5402g\/gfru_firmware
  • dir-620s_firmware
  • dvg-5402g
  • dwr-921
  • dir-815_firmware
  • dir-825acg1_firmware
  • dir-615t
  • dir-x1530_firmware
  • dir-806a_firmware
  • dwr-921_firmware
  • dsl-224_firmware
  • dir-882
  • dir-842s
  • dir-825acf_firmware
  • dir-815
  • dir-825ac
  • dir-615gf
  • dir-878
  • dwr-953
  • dsl-224
  • dwm-321_firmware
  • dsl-g2452gr_firmware
  • dir-615t_firmware
  • dir-841
  • dir-620_firmware
  • dir-620s
  • dir-815\/ac
  • dir-853
  • dir-816_firmware
  • dvg-n5402g
  • dvg-n5402g_firmware
  • dir-825_firmware
  • dir-806a
  • dwm-312w
  • dir-822_firmware
  • dir-825ac_firmware
  • dir-841_firmware
  • dir-843_firmware
  • dsl-g2452gr
  • dir-820
  • dir-x1530
  • dir-825acf
  • dir-825acg1
  • dir-822
  • dir-842_firmware
  • dir-x1860_firmware
  • dir-615
  • dir-882_firmware
  • dir-1260
  • dap-1360
  • dir-843
  • dsl-2640u
  • dsl-2750u_firmware
  • dwm-321
  • dwr-953_firmware
  • dir-620
  • dsl-245gr_firmware
  • dir-820_firmware
  • dsl-245gr
  • dir-300
  • dir-853_firmware
  • dir-1210
  • dir-815s_firmware
  • dwm-312w_firmware
  • dir-815\/ac_firmware
  • dsl-2640u_firmware
  • dir-1260_firmware
  • dir-615s_firmware
  • dir-842
  • dir-1210_firmware
  • dvg-n5402g\/il
  • dir-878_firmware
  • dvg-n5402g\/il_firmware
  • dvg-5402g\/gfru
  • dir-816
  • dir-2150_firmware
  • dir-300_firmware
  • dir-842s_firmware
  • dir-615_firmware
  • dir-815s
  • dsl-2750u
  • dir-615s
  • dap-1360_firmware
  • dir-825
  • dvg-5402g_firmware
  • dir-x1860
  • dir-615gf_firmware
CWE
NVD-CWE-noinfo CWE-200

Exposure of Sensitive Information to an Unauthorized Actor