CVE-2024-11959

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Published: Nov 28, 2024
Updated: May 4, 2025
CVE: CVE-2024-11959
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
dlink / dir-605l_firmware	2.13b01	2.13b01.x

https://github.com/offshore0315/loT-vulnerable/blob/main/D-Link/formResetStatistic.md
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10393
https://vuldb.com/?ctiid.286341
https://vuldb.com/?id.286341
https://vuldb.com/?submit.447484
https://www.dlink.com/

Vulnerability Database

CVE-2024-11959

Deep Security Visibility Without the Complexity