5.3
CVE-2024-0717
- EPSS 28.39%
- Published 19.01.2024 16:15:11
- Last modified 21.11.2024 08:47:12
- Source cna@vuldb.com
- Teams watchlist Login
- Open Login
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability.
Data is provided by the National Vulnerability Database (NVD)
Dlink ≫ Dir-825acg1 Firmware Version <= 2024-01-12
Dlink ≫ Dir-841 Firmware Version <= 2024-01-12
Dlink ≫ Dir-1260 Firmware Version <= 2024-01-12
Dlink ≫ Dir-822 Firmware Version <= 2024-01-12
Dlink ≫ Dir-x1530 Firmware Version <= 2024-01-12
Dlink ≫ Dir-825 Firmware Version <= 2024-01-12
Dlink ≫ Dir-615 Firmware Version <= 2024-01-12
Dlink ≫ Dir-842 Firmware Version <= 2024-01-12
Dlink ≫ Dir-853 Firmware Version <= 2024-01-12
Dlink ≫ Dir-1210 Firmware Version <= 2024-01-12
Dlink ≫ Dir-806a Firmware Version <= 2024-01-12
Dlink ≫ Dir-815 Firmware Version <= 2024-01-12
Dlink ≫ Dsl-245gr Firmware Version <= 2024-01-12
Dlink ≫ Dsl-g2452gr Firmware Version <= 2024-01-12
Dlink ≫ Dir-878 Firmware Version <= 2024-01-12
Dlink ≫ Dir-825acf Firmware Version <= 2024-01-12
Dlink ≫ Dir-615t Firmware Version <= 2024-01-12
Dlink ≫ Dir-300 Firmware Version <= 2024-01-12
Dlink ≫ Dir-842s Firmware Version <= 2024-01-12
Dlink ≫ Dir-815s Firmware Version <= 2024-01-12
Dlink ≫ Dsl-2640u Firmware Version <= 2024-01-12
Dlink ≫ Dir-2150 Firmware Version <= 2024-01-12
Dlink ≫ Dwr-921 Firmware Version <= 2024-01-12
Dlink ≫ Dir-615s Firmware Version <= 2024-01-12
Dlink ≫ Dir-620 Firmware Version <= 2024-01-12
Dlink ≫ Dvg-5402g Firmware Version <= 2024-01-12
Dlink ≫ Dir-882 Firmware Version <= 2024-01-12
Dlink ≫ Dwm-312w Firmware Version <= 2024-01-12
Dlink ≫ Dir-815/ac Firmware Version <= 2024-01-12
Dlink ≫ Dsl-224 Firmware Version <= 2024-01-12
Dlink ≫ Dwm-321 Firmware Version <= 2024-01-12
Dlink ≫ Dir-x1860 Firmware Version <= 2024-01-12
Dlink ≫ Dap-1360 Firmware Version <= 2024-01-12
Dlink ≫ Dir-820 Firmware Version <= 2024-01-12
Dlink ≫ Dir-843 Firmware Version <= 2024-01-12
Dlink ≫ Dvg-5402g/gfru Firmware Version <= 2024-01-12
Dlink ≫ Dwr-953 Firmware Version <= 2024-01-12
Dlink ≫ Dvg-n5402g/il Firmware Version <= 2024-01-12
Dlink ≫ Dir-825ac Firmware Version <= 2024-01-12
Dlink ≫ Dir-620s Firmware Version <= 2024-01-12
Dlink ≫ Dvg-n5402g Firmware Version <= 2024-01-12
Dlink ≫ Dsl-2750u Firmware Version <= 2024-01-12
Dlink ≫ Dir-615gf Firmware Version <= 2024-01-12
Dlink ≫ Dir-816 Firmware Version <= 2024-01-12
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 28.39% | 0.963 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| cna@vuldb.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| cna@vuldb.com | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.