CVE-2024-9564

A vulnerability, which was classified as critical, was found in D-Link DIR-605L 2.13B01 BETA. Affected is the function formWlanWizardSetup of the file /goform/formWlanWizardSetup. The manipulation of the argument webpage leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Published: Oct 7, 2024
Updated: May 4, 2025
CVE: CVE-2024-9564
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
dlink / dir-605l_firmware	2.13b01	2.13b01.x

https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-605L/formWlanWizardSetup.md
https://vuldb.com/?ctiid.279372
https://vuldb.com/?id.279372
https://vuldb.com/?submit.413923
https://www.dlink.com/

Vulnerability Database

CVE-2024-9564

Deep Security Visibility Without the Complexity