CVE-2024-0717
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| D-Link | DAP-1360 | 20240112 | affected |
| D-Link | DIR-300 | 20240112 | affected |
| D-Link | DIR-615 | 20240112 | affected |
| D-Link | DIR-615GF | 20240112 | affected |
| D-Link | DIR-615S | 20240112 | affected |
| D-Link | DIR-615T | 20240112 | affected |
| D-Link | DIR-620 | 20240112 | affected |
| D-Link | DIR-620S | 20240112 | affected |
| D-Link | DIR-806A | 20240112 | affected |
| D-Link | DIR-815 | 20240112 | affected |
| D-Link | DIR-815AC | 20240112 | affected |
| D-Link | DIR-815S | 20240112 | affected |
| D-Link | DIR-816 | 20240112 | affected |
| D-Link | DIR-820 | 20240112 | affected |
| D-Link | DIR-822 | 20240112 | affected |
| D-Link | DIR-825 | 20240112 | affected |
| D-Link | DIR-825AC | 20240112 | affected |
| D-Link | DIR-825ACF | 20240112 | affected |
| D-Link | DIR-825ACG1 | 20240112 | affected |
| D-Link | DIR-841 | 20240112 | affected |
| D-Link | DIR-842 | 20240112 | affected |
| D-Link | DIR-842S | 20240112 | affected |
| D-Link | DIR-843 | 20240112 | affected |
| D-Link | DIR-853 | 20240112 | affected |
| D-Link | DIR-878 | 20240112 | affected |
| D-Link | DIR-882 | 20240112 | affected |
| D-Link | DIR-1210 | 20240112 | affected |
| D-Link | DIR-1260 | 20240112 | affected |
| D-Link | DIR-2150 | 20240112 | affected |
| D-Link | DIR-X1530 | 20240112 | affected |
| D-Link | DIR-X1860 | 20240112 | affected |
| D-Link | DSL-224 | 20240112 | affected |
| D-Link | DSL-245GR | 20240112 | affected |
| D-Link | DSL-2640U | 20240112 | affected |
| D-Link | DSL-2750U | 20240112 | affected |
| D-Link | DSL-G2452GR | 20240112 | affected |
| D-Link | DVG-5402G | 20240112 | affected |
| D-Link | DVG-5402G | 20240112 | affected |
| D-Link | DVG-5402GFRU | 20240112 | affected |
| D-Link | DVG-N5402G | 20240112 | affected |
| D-Link | DVG-N5402G-IL | 20240112 | affected |
| D-Link | DWM-312W | 20240112 | affected |
| D-Link | DWM-321 | 20240112 | affected |
| D-Link | DWR-921 | 20240112 | affected |
| D-Link | DWR-953 | 20240112 | affected |
| D-Link | Good Line Router v2 | 20240112 | affected |
Weaknesses
- CWE-200: CWE-200 Information Disclosure
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.