CVE-2024-44674
Published: 07 October 2024
Summary
CVE-2024-44674 is a medium-severity Stack-based Buffer Overflow (CWE-121) vulnerability in D-Link COVR-2600R firmware. Its CVSS base score is 5.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 8.9% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
Deeper analysis
D-Link COVR-2600R firmware version FW101b05 contains a stack-based buffer overflow vulnerability (CWE-121) in the sub_24E28 function. The routine retrieves the HTTP_REFERER value from an environment variable and copies it into a destination buffer without adequate bounds checking, allowing an attacker-controlled source string to overflow the target.
An attacker with adjacent-network access and a low-privileged account can supply a crafted HTTP_REFERER value to trigger the overflow. Successful exploitation yields high-integrity impact, enabling modification of device behavior or execution of arbitrary code on the affected router while requiring no user interaction.
D-Link has published a security advisory covering the COVR series at https://www.dlink.com/en/security-bulletin/; the linked technical note at https://github.com/REYu6/iot/blob/21e59c0cf491a9663423c515370c4fcb43436ae0/CVE/dlink/Covr-3902/2600R.md provides additional reproduction details. The EPSS score has remained flat at 0.0620 since disclosure.
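The copy pattern described for sub_24E28, shown next to a bounded replacement. This is an added example, not D-Link firmware code or code from the linked note; the function names and the 128-byte REFERER_MAX are assumptions, since the page does not give the real buffer size.

```c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#define REFERER_MAX 128 /* assumed size; the page does not state the real one */

/* Pattern the advisory describes, kept for contrast: the environment value
 * is copied with no length check, so a long header runs past dst. */
void referer_copy_unchecked(char *dst) {
    const char *src = getenv("HTTP_REFERER");
    if (src != NULL)
        strcpy(dst, src);
}

/* Bounded copy. Returns 0 on success, -1 if src is missing, -2 if src does
 * not fit in dst including its terminator. dst is always left terminated. */
int copy_bounded(char *dst, size_t dstsz, const char *src) {
    const char *end;
    size_t n;
    if (dst == NULL || dstsz == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    end = memchr(src, '\0', dstsz);  /* look no further than dst can hold */
    if (end == NULL)
        return -2;                   /* too long: reject, do not truncate */
    n = (size_t)(end - src);
    memcpy(dst, src, n + 1);
    return 0;
}

/* Hardened replacement for the unchecked routine above. */
int referer_copy_checked(char *dst, size_t dstsz) {
    return copy_bounded(dst, dstsz, getenv("HTTP_REFERER"));
}

int main(void) {
    char buf[REFERER_MAX], big[4 * REFERER_MAX];
    memset(big, 'A', sizeof big - 1);   /* constructed oversized value */
    big[sizeof big - 1] = '\0';
    printf("oversized -> %d\n", copy_bounded(buf, sizeof buf, big));
    printf("normal    -> %d\n", copy_bounded(buf, sizeof buf, "http://192.168.0.1/"));
    printf("from env  -> %d\n", referer_copy_checked(buf, sizeof buf));
    return 0;
}
```

Rejecting an oversized value instead of truncating it keeps a partial Referer from reaching any later comparison or logging code.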
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-41066
Vulnerability details
D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in the web interface via controllable HTTP_REFERER enables exploitation of a public-facing application on the D-Link router for potential remote code execution.