ID

VAR-202401-0959


CVE

CVE-2024-0717


TITLE

plural  D-Link Systems, Inc.  Product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2024-001679

DESCRIPTION

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability. dir-825acg1 firmware, DIR-841 firmware, dir-1260 firmware etc. D-Link Systems, Inc. There are unspecified vulnerabilities in the product.Information may be obtained

Trust: 1.62

sources: NVD: CVE-2024-0717 // JVNDB: JVNDB-2024-001679

AFFECTED PRODUCTS

vendor:dlinkmodel:dir-x1860scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-878scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dsl-224scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dap-1360scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dvg-5402gscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-615scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-820scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dwm-321scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dsl-2640uscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-620scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-x1530scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-815\/acscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-815sscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-1260scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-842scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dwr-953scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-841scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-816scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-842sscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-1210scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-615gfscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-620sscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-825acfscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-615tscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-815scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-825scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-853scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-822scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-882scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dsl-2750uscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dwr-921scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-825acg1scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-825acscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dsl-245grscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-806ascope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dvg-n5402gscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dsl-g2452grscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-300scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dwm-312wscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-843scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dvg-n5402g\/ilscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-2150scope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dir-615sscope:lteversion:2024-01-12

Trust: 1.0

vendor:dlinkmodel:dvg-5402g\/gfruscope:lteversion:2024-01-12

Trust: 1.0

vendor:d linkmodel:dir-825scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-615tscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-825acfscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-825acg1scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-x1530scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-842sscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-853scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-1210scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-1260scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-615scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-806ascope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-815scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-841scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-815sscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-842scope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-878scope: - version: -

Trust: 0.8

vendor:d linkmodel:dsl-g2452grscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-822scope: - version: -

Trust: 0.8

vendor:d linkmodel:dsl-245grscope: - version: -

Trust: 0.8

vendor:d linkmodel:dir-300scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2024-001679 // NVD: CVE-2024-0717

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2024-0717
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2024-0717
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-0717
value: MEDIUM

Trust: 0.8

cna@vuldb.com: CVE-2024-0717
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2024-0717
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

NVD: CVE-2024-0717
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-001679 // NVD: CVE-2024-0717 // NVD: CVE-2024-0717

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-001679 // NVD: CVE-2024-0717

EXTERNAL IDS

db:NVDid:CVE-2024-0717

Trust: 2.6

db:VULDBid:251542

Trust: 1.8

db:JVNDBid:JVNDB-2024-001679

Trust: 0.8

sources: JVNDB: JVNDB-2024-001679 // NVD: CVE-2024-0717

REFERENCES

url:https://github.com/999zzzzz/d-link

Trust: 1.8

url:https://vuldb.com/?ctiid.251542

Trust: 1.8

url:https://vuldb.com/?id.251542

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-0717

Trust: 0.8

sources: JVNDB: JVNDB-2024-001679 // NVD: CVE-2024-0717

SOURCES

db:JVNDBid:JVNDB-2024-001679
db:NVDid:CVE-2024-0717

LAST UPDATE DATE

2024-08-14T15:15:35.797000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2024-001679date:2024-02-06T01:48:00
db:NVDid:CVE-2024-0717date:2024-05-17T02:34:53.200

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2024-001679date:2024-02-06T00:00:00
db:NVDid:CVE-2024-0717date:2024-01-19T16:15:11.190