CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-44674

D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.5%

CVSS Severity

CVSS v3 Score 5.7

References

https://github.com/REYu6/iot/blob/21e59c0cf491a9663423c515370c4fcb43436ae0/CVE/dlink/Covr-3902/2600R.md
https://www.dlink.com/en/security-bulletin/

Products affected by CVE-2024-44674

Dlink » Covr-2600r » Version: N/A

cpe:2.3:h:dlink:covr-2600r:-
Dlink » Covr-2600r Firmware » Version: 1.01b05

cpe:2.3:o:dlink:covr-2600r_firmware:1.01b05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-44674

Products

Pricing

Contact Us