HomePentest-Tools.com Logo

D-Link DIR-619L <= 2.02 Multiple Buffer Overflow Vulnerabilities (Sep 2023) CVE-2023-43860CVE-2023-43861CVE-2023-43862CVE-2023-43863CVE-2023-43864CVE-2023-43865CVE-2023-43866CVE-2023-43867CVE-2023-43868CVE-2023-43869

Severity
CVSSv3 Score
9.8
Vulnerability description

D-Link DIR-619L devices are prone to multiple buffer overflow vulnerabilities.

Risk description

The following vulnerabilities exist: - CVE-2023-43860: Buffer overflow via formSetWanNonLogin function - CVE-2023-43861: Buffer overflow via formSetWanPPPoE function - CVE-2023-43862: Buffer overflow via formLanguageChange function - CVE-2023-43863: Buffer overflow via formSetWanDhcpplus function - CVE-2023-43864: Buffer overflow via formSetWAN_Wizard55 function - CVE-2023-43865: Buffer overflow via formSetWanPPTP function - CVE-2023-43866: Buffer overflow via formSetWAN_Wizard7 function - CVE-2023-43867: Buffer overflow via formSetWanL2TP function - CVE-2023-43868: Buffer overflow via websGetVar function - CVE-2023-43868: Buffer overflow via formSetWAN_Wizard56 function

Recommendation

No solution was made available by the vendor. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. Note: Vendor states that the model reached its End-of-Support Date, is no longer supported, and firmware development has ceased.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 28, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available