CVE-2024-57376

high-risk

Published 2025-01-28

Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to 3.17B901C allows unauthenticated users to execute remote code execution.

Do I need to act?

51.9% chance of exploitation in next 30 days

EPSS score — higher than 48% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

ADJACENT_NETWORK / LOW complexity

Affected Products (6)

Dsr-150 Firmware

Dsr-150N Firmware

Dsr-250 Firmware

Dsr-250N Firmware

Dsr-500 Firmware

Dsr-1000N Firmware

Affected Vendors

Dlink

References (1)

Vendor Advisory https://www.dlink.com/en/security-bulletin/

/ 100

high-risk

Severity 27/34 · High

Exploitability 18/34 · Moderate

Exposure 13/34 · Low