Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-9675 — Improper Input Validation in Dlink Dir-605l Firmware

CWE-20 — Improper Input Validation4 documents4 sources
Severity
7.5HIGHNVD
EPSS
30.9%
top 3.26%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Dlink Dir-605l Firmware
Timeline
PublishedJun 15
Latest updateMay 24

Description

On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

â–¶NVDdlink/dir-605l_firmware2.08b01

🔴Vulnerability Details

2
GHSA
GHSA-j28v-fc6m-pfcf: On D-Link DIR-605L devices, firmware before 2↗2022-05-24
â–¶
CVEList
CVE-2017-9675: On D-Link DIR-605L devices, firmware before 2↗2017-06-15
â–¶

💥Exploits & PoCs

1
Exploit-DB
D-Link DIR-605L < 2.08 - Denial of Service↗2017-11-14
â–¶
CVE-2017-9675 — Improper Input Validation in Dlink | cvebase