CVE-2024-40505

CWE-353 documents3 sources
Severity
9.3CRITICAL
EPSS
0.6%
top 31.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dlink Dap-1650 Firmware
Timeline
PublishedJul 16

Description

Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 2.5 | Impact: 6.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-xc58-xprh-7gr5: **UNSUPPORTED WHEN ASSIGNED** Directory Traversal vulnerability in D-Link DAP-1650 Firmware v2024-07-16
CVEList
CVE-2024-40505: Directory Traversal vulnerability in D-Link DAP-1650 Firmware v2024-07-16