CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-42812

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.389

EPSS Ranking 97.3%

CVSS Severity

CVSS v3 Score 9.8

References

https://gist.github.com/XiaoCurry/574ed9c2b0d12cd0b45399116d82121c
https://www.dlink.com/en/security-bulletin/

Products affected by CVE-2024-42812

Dlink » Dir-860l » Version: N/A

cpe:2.3:h:dlink:dir-860l:-
Dlink » Dir-860l Firmware » Version: 2.0.3

cpe:2.3:o:dlink:dir-860l_firmware:2.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42812

Products

Pricing

Contact Us