Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-27658

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-29 Feb, 2024 | 00:00
Updated At-02 Aug, 2024 | 00:34
Rejected At-
Credits

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:29 Feb, 2024 | 00:00
Updated At:02 Aug, 2024 | 00:34
Rejected At:
▼CVE Numbering Authority (CNA)

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4
N/A
Hyperlink: https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
D-Link Corporationdlink
Product
dir-823_firmware
CPEs
  • cpe:2.3:o:dlink:dir-823_firmware:1.0.2b05_20181207:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 1.0.2b05_20181207
Problem Types
TypeCWE IDDescription
CWECWE-395CWE-395 Use of NullPointerException Catch to Detect NULL Pointer Dereference
Type: CWE
CWE ID: CWE-395
Description: CWE-395 Use of NullPointerException Catch to Detect NULL Pointer Dereference
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4
x_transferred
Hyperlink: https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:29 Feb, 2024 | 20:15
Updated At:21 Apr, 2025 | 21:58

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
D-Link Corporation
dlink
>>dir-823g_firmware>>1.0.2b05
cpe:2.3:o:dlink:dir-823g_firmware:1.0.2b05:*:*:*:*:*:*:*
D-Link Corporation
dlink
>>dir-823g>>a1
cpe:2.3:h:dlink:dir-823g:a1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-395Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-395
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4cve@mitre.org
Exploit
Third Party Advisory
https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
Hyperlink: https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://calm-healer-839.notion.site/D-LINK-DIR-823G-NPD-0x44900C-8f23082721854117bdea70b6113433fd?pvs=4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

9Records found
CVE-2024-27662
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 6.75%
||
7 Day CHG~0.00%
Published-29 Feb, 2024 | 00:00
Updated-15 Apr, 2025 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_4110f4(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-823g_firmwaredir-823gn/adir-823_firmware
CWE ID-CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2024-27661
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 6.75%
||
7 Day CHG~0.00%
Published-29 Feb, 2024 | 00:00
Updated-17 Mar, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_4484A8(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-823g_firmwaredir-823gn/adir-823_firmware
CWE ID-CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
CVE-2024-27659
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 6.75%
||
7 Day CHG~0.00%
Published-29 Feb, 2024 | 00:00
Updated-17 Mar, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-823G A1V1.0.2B05 was discovered to contain Null-pointer dereferences in sub_42AF30(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-823g_firmwaredir-823gn/adir-823_firmware
CWE ID-CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
CVE-2024-5294
Matching Score-8
Assigner-Zero Day Initiative
ShareView Details
Matching Score-8
Assigner-Zero Day Initiative
CVSS Score-4.3||MEDIUM
EPSS-0.08% / 25.36%
||
7 Day CHG~0.00%
Published-23 May, 2024 | 21:29
Updated-06 Aug, 2025 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability

D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi program, which handles HNAP requests made to the lighttpd webserver listening on ports 80 and 443. The issue results from the lack of proper memory management when processing HTTP cookie values. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. . Was ZDI-CAN-21668.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-3040dir-3040_firmwareDIR-3040
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2024-37605
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 22.81%
||
7 Day CHG+0.02%
Published-17 Dec, 2024 | 00:00
Updated-21 May, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference in D-Link DIR-860L REVB_FIRMWARE_2.04.B04_ic5b allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-860ldir-860l_firmwaren/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-37607
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 18.56%
||
7 Day CHG+0.01%
Published-17 Dec, 2024 | 00:00
Updated-21 May, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Buffer overflow vulnerability in D-Link DAP-2555 REVA_FIRMWARE_1.20 allows remote attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dap-2555_firmwaredap-2555n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-37606
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 7.85%
||
7 Day CHG+0.01%
Published-17 Dec, 2024 | 00:00
Updated-21 May, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dcs-932ldcs-932l_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-44415
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 20.81%
||
7 Day CHG~0.00%
Published-11 Oct, 2024 | 00:00
Updated-15 Oct, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in DI_8200-16.07.26A1, There is a buffer overflow in the dbsrv_asp function; The strcpy function is executed without checking the length of the string, leading to a buffer overflow.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-n/adi-8200_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-27660
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.30%
||
7 Day CHG~0.00%
Published-29 Feb, 2024 | 00:00
Updated-17 Mar, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub_41C488(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-823g_firmwaredir-823n/adir-823g_firmware
CWE ID-CWE-476
NULL Pointer Dereference
Details not found