Dlink Dir-605L Firmware vulnerabilities

CVE-2024-9515 [HIGH] CWE-120 CVE-2024-9515: A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. This A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. This affects the function formSetQoS of the file /goform/formSetQoS. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-37630 [HIGH] CWE-798 CVE-2024-37630: D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc/passwd D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc/passwd, which allows attackers to log in as root.

CVE-2020-19318 [HIGH] CWE-787 CVE-2020-19318: Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.

CVE-2023-29961 [CRITICAL] CWE-787 CVE-2023-29961: D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipS D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,

CVE-2023-24349 [CRITICAL] CWE-787 CVE-2023-24349: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTim D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute.

CVE-2023-24350 [CRITICAL] CWE-787 CVE-2023-24350: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail.

CVE-2023-24351 [CRITICAL] CWE-787 CVE-2023-24351: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECO D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin.

CVE-2023-24348 [CRITICAL] CWE-787 CVE-2023-24348: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTim D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter.

CVE-2023-24352 [CRITICAL] CWE-787 CVE-2023-24352: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpag D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS.

CVE-2023-24346 [HIGH] CWE-787 CVE-2023-24346: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_co D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3.

CVE-2023-24344 [HIGH] CWE-787 CVE-2023-24344: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpag D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup.

CVE-2023-24345 [HIGH] CWE-787 CVE-2023-24345: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTim D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus.

CVE-2023-24343 [HIGH] CWE-787 CVE-2023-24343: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTim D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule.

CVE-2023-24347 [HIGH] CWE-787 CVE-2023-24347: D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpag D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus.

CVE-2021-40655 [HIGH] CWE-863 CVE-2021-40655: An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker ca An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page

CVE-2017-9675 [HIGH] CWE-20 CVE-2017-9675: On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.

CVE-2014-8361 [CRITICAL] CVE-2014-8361: The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a craf The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.