CVE-2024-42812: Buffer Overflow
First published: Mon Aug 19 2024(Updated: )
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| D-Link DIR-860L Firmware | =2.0.3 | |
| D-Link DIR-860L |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-42812?
CVE-2024-42812 is classified as a high severity buffer overflow vulnerability.
How do I fix CVE-2024-42812?
To fix CVE-2024-42812, users should upgrade to a patched version of the D-Link DIR-860L firmware.
What causes CVE-2024-42812?
CVE-2024-42812 is caused by the lack of length verification for the SID field in gena.cgi.
What can happen if CVE-2024-42812 is exploited?
If exploited, CVE-2024-42812 can lead to a remote device crash or allow execution of arbitrary commands.
Which devices are affected by CVE-2024-42812?
CVE-2024-42812 affects the D-Link DIR-860L firmware version 2.0.3.
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/dlink
- canonical/d-link dir-860l firmware
- version/d-link dir-860l firmware/2.0.3
- canonical/d-link dir-860l