CVE-2024-57376 — Classic Buffer Overflow in Dlink Dsr-1000n Firmware

CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

8.8HIGHNVD

EPSS

51.9%

top 2.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dlink Dsr-1000n Firmware Dlink Dsr-150 Firmware Dlink Dsr-150n Firmware +3 more

Timeline

PublishedJan 28

Latest updateJan 29

Description

Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to 3.17B901C allows unauthenticated users to execute remote code execution.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages6 packages

▶NVDdlink/dsr-150n_firmware3.13 — 3.17B901C

▶NVDdlink/dsr-250n_firmware3.13 — 3.17B901C

▶NVDdlink/dsr-1000n_firmware3.13 — 3.17b901c

▶NVDdlink/dsr-150_firmware3.13 — 3.17B901C

▶NVDdlink/dsr-250_firmware3.13 — 3.17B901C

🔴Vulnerability Details

GHSA

GHSA-99gg-h722-7qw4: Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3↗2025-01-29

▶

CVEList

CVE-2024-57376: Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3↗2025-01-28

▶