cnvd - cnvd-2025-18886

CNVD-2025-18886

Vulnerability from cnvd - Published: 2025-08-19

Title

友讯科技DIR-860L缓冲区溢出漏洞

Description

友讯科技DIR-860L是中国友讯公司的一款无线路由器，支持Wi-Fi 5标准，提供双频（2.4GHz和5GHz）网络连接，最大传输速度可达1200Mbps。该设备内置天线，配备1个USB 3.0接口和4个千兆有线端口。友讯科技 DIR-860L存在缓冲区溢出漏洞，该漏洞源于gena.cgi中SID字段长度验证不充分，攻击者可利用该漏洞导致远程目标设备崩溃或执行任意命令。

Severity

高

Patch Name

友讯科技DIR-860L缓冲区溢出漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级程序修复该安全问题，详情见厂商官网： https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10397

Reference

https://www.dlink.com/en/security-bulletin/

Impacted products

Name
友讯科技 DIR-860L 2.03

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-42812",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-42812"
    }
  },
  "description": "\u53cb\u8baf\u79d1\u6280DIR-860L\u662f\u4e2d\u56fd\u53cb\u8baf\u516c\u53f8\u7684\u4e00\u6b3e \u65e0\u7ebf\u8def\u7531\u5668 \uff0c\u652f\u6301Wi-Fi 5\u6807\u51c6\uff0c\u63d0\u4f9b\u53cc\u9891\uff082.4GHz\u548c5GHz\uff09\u7f51\u7edc\u8fde\u63a5\uff0c\u6700\u5927\u4f20\u8f93\u901f\u5ea6\u53ef\u8fbe1200Mbps\u3002\u8be5\u8bbe\u5907\u5185\u7f6e\u5929\u7ebf\uff0c\u914d\u59071\u4e2aUSB 3.0\u63a5\u53e3\u548c4\u4e2a\u5343\u5146\u6709\u7ebf\u7aef\u53e3\u3002\n\n\u53cb\u8baf\u79d1\u6280 DIR-860L\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8egena.cgi\u4e2dSID\u5b57\u6bb5\u957f\u5ea6\u9a8c\u8bc1\u4e0d\u5145\u5206\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u76ee\u6807\u8bbe\u5907\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10397",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-18886",
  "openTime": "2025-08-19",
  "patchDescription": "\u53cb\u8baf\u79d1\u6280DIR-860L\u662f\u4e2d\u56fd\u53cb\u8baf\u516c\u53f8\u7684\u4e00\u6b3e \u65e0\u7ebf\u8def\u7531\u5668 \uff0c\u652f\u6301Wi-Fi 5\u6807\u51c6\uff0c\u63d0\u4f9b\u53cc\u9891\uff082.4GHz\u548c5GHz\uff09\u7f51\u7edc\u8fde\u63a5\uff0c\u6700\u5927\u4f20\u8f93\u901f\u5ea6\u53ef\u8fbe1200Mbps\u3002\u8be5\u8bbe\u5907\u5185\u7f6e\u5929\u7ebf\uff0c\u914d\u59071\u4e2aUSB 3.0\u63a5\u53e3\u548c4\u4e2a\u5343\u5146\u6709\u7ebf\u7aef\u53e3\u3002\r\n\r\n\u53cb\u8baf\u79d1\u6280 DIR-860L\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8egena.cgi\u4e2dSID\u5b57\u6bb5\u957f\u5ea6\u9a8c\u8bc1\u4e0d\u5145\u5206\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8fdc\u7a0b\u76ee\u6807\u8bbe\u5907\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u53cb\u8baf\u79d1\u6280DIR-860L\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "\u53cb\u8baf\u79d1\u6280 DIR-860L 2.03"
  },
  "referenceLink": "https://www.dlink.com/en/security-bulletin/",
  "serverity": "\u9ad8",
  "submitTime": "2024-08-21",
  "title": "\u53cb\u8baf\u79d1\u6280DIR-860L\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2024-42812 (GCVE-0-2024-42812)

Vulnerability from cvelistv5 – Published: 2024-08-19 00:00 – Updated: 2025-03-17 15:13

Summary

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://www.dlink.com/en/security-bulletin/
	https://gist.github.com/XiaoCurry/574ed9c2b0d12cd…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:dlink:dir-860l_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "dir-860l_firmware",
            "vendor": "dlink",
            "versions": [
              {
                "status": "affected",
                "version": "v2.03"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-42812",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-20T14:21:45.012606Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-17T15:13:26.867Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-19T19:12:29.673Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.dlink.com/en/security-bulletin/"
        },
        {
          "url": "https://gist.github.com/XiaoCurry/574ed9c2b0d12cd0b45399116d82121c"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-42812",
    "datePublished": "2024-08-19T00:00:00.000Z",
    "dateReserved": "2024-08-05T00:00:00.000Z",
    "dateUpdated": "2025-03-17T15:13:26.867Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-18886

CVE-2024-42812 (GCVE-0-2024-42812)

Tags

Sightings

Nomenclature