CVE-2024-57376
Severity CVSS v4.0:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
28/01/2025
Last modified:
01/07/2025
Description
Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to 3.17B901C allows unauthenticated users to execute remote code execution.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:dlink:dsr-150_firmware:*:*:*:*:*:*:*:* | 3.13 (including) | 3.17B901C (including) |
cpe:2.3:h:dlink:dsr-150:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dlink:dsr-150n_firmware:*:*:*:*:*:*:*:* | 3.13 (including) | 3.17B901C (including) |
cpe:2.3:h:dlink:dsr-150n:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dlink:dsr-250_firmware:*:*:*:*:*:*:*:* | 3.13 (including) | 3.17B901C (including) |
cpe:2.3:h:dlink:dsr-250:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dlink:dsr-250n_firmware:*:*:*:*:*:*:*:* | 3.13 (including) | 3.17B901C (including) |
cpe:2.3:h:dlink:dsr-250n:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dlink:dsr-500_firmware:*:*:*:*:*:*:*:* | 3.13 (including) | 3.17B901C (including) |
cpe:2.3:h:dlink:dsr-500:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:dlink:dsr-1000n_firmware:*:*:*:*:*:*:*:* | 3.13 (including) | 3.17b901c (including) |
cpe:2.3:h:dlink:dsr-1000n:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page