CVE-2024-45695

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:dlink:dir-x4860_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-x4860_firmware:1.04:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-x4860:a1:*:*:*:*:*:*:*

History

17 Sep 2024, 18:40

Type Values Removed Values Added
CPE cpe:2.3:o:dlink:dir-x4860_firmware:1.00:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dir-x4860_firmware:1.04:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-x4860:a1:*:*:*:*:*:*:*
References () https://www.twcert.org.tw/en/cp-139-8083-a299e-2.html - () https://www.twcert.org.tw/en/cp-139-8083-a299e-2.html - Third Party Advisory
References () https://www.twcert.org.tw/tw/cp-132-8082-f1687-1.html - () https://www.twcert.org.tw/tw/cp-132-8082-f1687-1.html - Third Party Advisory
CWE CWE-787
First Time Dlink dir-x4860 Firmware
Dlink
Dlink dir-x4860

16 Sep 2024, 15:30

Type Values Removed Values Added
Summary
  • (es) El servicio web de ciertos modelos de enrutadores inalámbricos D-Link contiene una vulnerabilidad de desbordamiento de búfer basada en pila, que permite a atacantes remotos no autenticados explotar esta vulnerabilidad para ejecutar código arbitrario en el dispositivo.

16 Sep 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-16 07:15

Updated : 2024-09-17 18:40


NVD link : CVE-2024-45695

Mitre link : CVE-2024-45695

CVE.ORG link : CVE-2024-45695


JSON object : View

Products Affected

dlink

  • dir-x4860_firmware
  • dir-x4860
CWE
CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow