ID

VAR-202405-0217


CVE

CVE-2024-5293


TITLE

(0Day) D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-24-444

DESCRIPTION

D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within prog.cgi, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21853. D-Link DIR-2640 is a high-power Wi-Fi router from D-Link, a Chinese company. D-Link DIR-2640 has a buffer overflow vulnerability. The vulnerability is caused by the program failing to properly verify the length of the input data

Trust: 2.07

sources: NVD: CVE-2024-5293 // ZDI: ZDI-24-444 // CNVD: CNVD-2024-26177

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-26177

AFFECTED PRODUCTS

vendor:d linkmodel:dir-2640scope: - version: -

Trust: 1.3

sources: ZDI: ZDI-24-444 // CNVD: CNVD-2024-26177

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com: CVE-2024-5293
value: HIGH

Trust: 1.0

ZDI: CVE-2024-5293
value: HIGH

Trust: 0.7

CNVD: CNVD-2024-26177
value: HIGH

Trust: 0.6

CNVD: CNVD-2024-26177
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

zdi-disclosures@trendmicro.com: CVE-2024-5293
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

ZDI: CVE-2024-5293
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-24-444 // CNVD: CNVD-2024-26177 // NVD: CVE-2024-5293

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

sources: NVD: CVE-2024-5293

EXTERNAL IDS

db:NVDid:CVE-2024-5293

Trust: 2.3

db:ZDIid:ZDI-24-444

Trust: 2.3

db:ZDI_CANid:ZDI-CAN-21853

Trust: 0.7

db:CNVDid:CNVD-2024-26177

Trust: 0.6

sources: ZDI: ZDI-24-444 // CNVD: CNVD-2024-26177 // NVD: CVE-2024-5293

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-24-444/

Trust: 1.6

sources: CNVD: CNVD-2024-26177 // NVD: CVE-2024-5293

CREDITS

Nicholas Zubrisky

Trust: 0.7

sources: ZDI: ZDI-24-444

SOURCES

db:ZDIid:ZDI-24-444
db:CNVDid:CNVD-2024-26177
db:NVDid:CVE-2024-5293

LAST UPDATE DATE

2024-08-14T15:31:33.121000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-24-444date:2024-07-01T00:00:00
db:CNVDid:CNVD-2024-26177date:2024-06-06T00:00:00
db:NVDid:CVE-2024-5293date:2024-05-24T01:15:30.977

SOURCES RELEASE DATE

db:ZDIid:ZDI-24-444date:2024-05-24T00:00:00
db:CNVDid:CNVD-2024-26177date:2024-06-06T00:00:00
db:NVDid:CVE-2024-5293date:2024-05-23T22:15:15