CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-36755

D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can allow attackers to downgrade the firmware version or change the downloading URL via a man-in-the-middle attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.5%

CVSS Severity

CVSS v3 Score 6.8

References

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10401
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10401

Products affected by CVE-2024-36755

Dlink » Dir-1950 » Version: N/A

cpe:2.3:h:dlink:dir-1950:-
Dlink » Dir-1950 Firmware » Version: Any

cpe:2.3:o:dlink:dir-1950_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-36755

Products

Pricing

Contact Us