CVERadar

CVE-2024-9570

Critical Severity

Dlink

SVRS

77/100

CVSSv3

8.8/10

EPSS

0.14807/1

CVE-2024-9570: A critical buffer overflow vulnerability exists in D-Link DIR-619L B1 routers. This flaw allows remote attackers to execute arbitrary code. Specifically, the vulnerability lies in the formEasySetTimezone function within the /goform/formEasySetTimezone file when handling the curTime argument. Given the publicly available exploit and a SOCRadar Vulnerability Risk Score (SVRS) of 77, immediate patching or mitigation is strongly advised to protect against potential remote code execution. The buffer overflow can be triggered remotely, making it a high-risk vulnerability. While not exceeding the critical threshold of 80 on the SVRS, its proximity and active exploits make it a significant threat. Unpatched, this flaw could result in complete device compromise.

TAGS

In The Wild

Exploit Avaliable

VECTOR STRING

CVSS:3.1

AV:N

AC:L

PR:L

UI:N

S:U

C:H

I:H

A:H

PUBLICATION DATE2024-10-07

LAST MODIFIED2024-10-09

SOCRadar

AI Insight

Description:

CVE-2024-9570 is a critical vulnerability in D-Link DIR-619L B1 2.06 that allows remote attackers to execute arbitrary code via a buffer overflow in the formEasySetTimezone function. The vulnerability has a CVSS score of 8.8 and an SVRS of 77, indicating a high level of urgency and severity.

Key Insights:

Active Exploits: Active exploits have been published for this vulnerability, making it a high-priority target for attackers.
Remote Exploitation: The vulnerability can be exploited remotely, allowing attackers to compromise devices without physical access.
Critical Impact: Successful exploitation could lead to complete system compromise, data theft, or denial of service.
In the Wild: The vulnerability is actively being exploited by hackers, making it essential to take immediate action.

Mitigation Strategies:

Apply Software Updates: Install the latest firmware updates from D-Link to patch the vulnerability.
Disable Remote Access: If possible, disable remote access to the affected devices until the patch is applied.
Use Strong Passwords: Ensure that strong passwords are used for all administrative accounts on the device.
Monitor Network Traffic: Monitor network traffic for suspicious activity and block any unauthorized access attempts.

Additional Information:

The Cybersecurity and Infrastructure Security Agency (CISA) has warned of this vulnerability, calling for immediate and necessary measures.
Users with additional queries regarding this incident can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title	Software Link	Date
dylvie/CVE-2024-9570_D-Link-DIR-619L-bof	https://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof	2024-10-11

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

No news found for this CVE

Social Media

Vulmon Vulnerability Feed

@VulmonFeeds

2024-10-07

CVE-2024-9570 Critical Remote Buffer Overflow in D-Link DIR-619L Routers A critical weakness is present in D-Link DIR-619L B1 version 2.06. The problem is with the function formEasySetTimezone in the file /goform... https://t.co/nSZ5P2jXB4

CVE

@CVEnew

2024-10-07

CVE-2024-9570 A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formEasySetTimezone of the file /goform/formEasy… https://t.co/jM7ciWM3zB

CVEFind.com

@CveFindCom

2024-10-07

[CVE-2024-9570: HIGH] Critical vulnerability discovered in D-Link DIR-619L B1 2.06 allowing remote attackers to execute a buffer overflow attack via manipulation of the curTime argument in formEasySetTimezone. Exp...#cybersecurity,#vulnerability https://t.co/Hx7kfjQdtK https://t.co/S78eQMafxP

VulDB 🛡

@vuldb

2024-10-07

The severity is increased for this new vulnerability affecting D-Link DIR-619L B1 (CVE-2024-9570) https://t.co/110xbFVWUF

Affected Software

Configuration 1

Type	Vendor	Product
OS	Dlink	dir-619l_firmware

References

Reference	Link
[email protected]	https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formEasySetTimezone.md
[email protected]	https://vuldb.com/?ctiid.279464
[email protected]	https://vuldb.com/?id.279464
[email protected]	https://vuldb.com/?submit.414548
[email protected]	https://www.dlink.com/
GITHUB	https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formEasySetTimezone.md

CWE Details

CWE ID	CWE Name	Description
CWE-120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')	The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence