CVE-2024-45694
high-risk
Published 2024-09-16
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
Do I need to act?
~
2.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (6)
Dir-X5460 Firmware
Dir-X5460 Firmware
Dir-X5460 Firmware
Dir-X5460 Firmware
Dir-X4860 Firmware
Dir-X4860 Firmware
Affected Vendors
References (2)
Third Party Advisory
https://www.twcert.org.tw/en/cp-139-8081-3fb39-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-8080-7f494-1.html
51
/ 100
high-risk
Severity
32/34 · Critical
Exploitability
6/34 · Minimal
Exposure
13/34 · Low