CVE-2024-42812
Published: 19 August 2024
Summary
CVE-2024-42812 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in D-Link DIR-860L firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 2.6% of CVEs by predicted exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2024-42812 is a buffer overflow in the D-Link DIR-860L router running firmware version 2.03. The flaw stems from missing length validation of the SID field supplied to the gena.cgi endpoint; the weakness is classified as CWE-120 (Classic Buffer Overflow).
An unauthenticated attacker with network access to the device can send a crafted HTTP request containing an oversized SID value. Successful exploitation crashes the affected device or allows execution of arbitrary commands on it; the CVSS 9.8 rating reflects that no authentication or user interaction is required. The available references do not state which interfaces expose gena.cgi, so exposure should be assessed for every interface on which the device's HTTP service listens.
The vendor has published a security bulletin for the issue, but the available references do not detail a specific firmware update or configuration workaround. A public proof-of-concept has also been released.
The EPSS score for this CVE currently stands at 0.3886 (an estimated 38.9% probability of exploitation activity within the next 30 days), which is also its peak value to date, indicating sustained but not rising exploitation interest since disclosure.
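The copy-without-length-check pattern described above, shown beside the check that closes it, as an added illustration in C. This is not D-Link's code: the gena.cgi source is not on this page, so the 64-byte buffer size (SID_MAX), the header-style layout of the SID field, the function names and the sample requests are all assumptions constructed for the example. The unchecked handler copies an attacker-controlled value into a fixed buffer; the checked handler rejects any value that would not fit before copying a single byte.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed buffer size; the real size used by gena.cgi is not stated on the page. */
#define SID_MAX 64

/* Locate the value of a "SID:" header in a raw HTTP request.
 * Returns a pointer to the first value byte and stores its length in *len,
 * or NULL if no such header exists. Nothing is copied here. */
static const char *find_sid(const char *req, size_t *len)
{
    const char *p = req;
    while ((p = strstr(p, "SID:")) != NULL) {
        /* Only match at the start of a line so "XSID:" is not mistaken for the header. */
        if (p == req || p[-1] == '\n') {
            p += 4;
            while (*p == ' ' || *p == '\t')
                p++;
            const char *end = strpbrk(p, "\r\n");
            if (end == NULL)
                end = p + strlen(p);
            *len = (size_t)(end - p);
            return p;
        }
        p += 4;
    }
    return NULL;
}

/* Vulnerable pattern (illustrative): the attacker controls len, the buffer is fixed. */
int handle_sid_unchecked(const char *req, char *out /* SID_MAX bytes */)
{
    size_t len;
    const char *v = find_sid(req, &len);
    if (v == NULL)
        return -1;
    memcpy(out, v, len);   /* len >= SID_MAX writes past the end of out: the overflow */
    out[len] = '\0';
    return 0;
}

/* Hardened form: refuse anything that does not fit, before any copy happens. */
int handle_sid_checked(const char *req, char *out /* SID_MAX bytes */)
{
    size_t len;
    const char *v = find_sid(req, &len);
    if (v == NULL)
        return -1;
    if (len >= SID_MAX)    /* this is the missing length verification */
        return -2;
    memcpy(out, v, len);
    out[len] = '\0';
    return 0;
}

/* Constructed request builder: a SID value of exactly n bytes (caller frees). */
static char *make_req(size_t n)
{
    const char *head = "SUBSCRIBE /gena.cgi HTTP/1.1\r\nHOST: 192.0.2.1\r\nSID: ";
    const char *tail = "\r\n\r\n";
    size_t off = strlen(head);
    char *buf = malloc(off + n + strlen(tail) + 1);
    if (buf == NULL)
        return NULL;
    memcpy(buf, head, off);
    memset(buf + off, 'A', n);
    off += n;
    memcpy(buf + off, tail, strlen(tail) + 1);
    return buf;
}

/* Status of the checked handler for a constructed request carrying an n-byte SID. */
int checked_status_for(size_t n)
{
    char out[SID_MAX];
    char *r = make_req(n);
    if (r == NULL)
        return -99;
    int rc = handle_sid_checked(r, out);
    free(r);
    return rc;
}

/* Constructed benign request; the UUID is a placeholder, not a real subscription. */
static const char GOOD_REQ[] =
    "UNSUBSCRIBE /gena.cgi HTTP/1.1\r\n"
    "HOST: 192.0.2.1\r\n"
    "SID: uuid:12345678-1234-1234-1234-123456789abc\r\n"
    "\r\n";

static char sid_out[SID_MAX];

int main(void)
{
    handle_sid_unchecked(GOOD_REQ, sid_out);
    printf("unchecked, short SID: %s\n", sid_out);
    printf("checked, 20-byte SID: %d\n", checked_status_for(20));
    printf("checked, 300-byte SID: %d (rejected before any copy)\n", checked_status_for(300));
    /* handle_sid_unchecked(make_req(300), sid_out) is the crash case; deliberately not run. */
    return 0;
}
```

The two handlers differ by one comparison. If you want to see the unchecked variant fail, build with `-fsanitize=address` and call it on `make_req(300)`; the demo deliberately does not, because without a sanitizer the result is undefined behaviour rather than a reliable crash.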
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-39804
Vulnerability details
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
- CWE(s): CWE-120 (Classic Buffer Overflow)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
D-Link DIR-860L, firmware v2.03
Mitigating Controls
Likely Mitigating Controls (AI-derived)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for the unchecked native buffer copies that are the root cause of classic buffer overflows. This is a development-time control for the firmware itself; an operator of an affected device cannot apply it and must instead rely on a vendor fix or on limiting network exposure of the device's HTTP interface.