CVE-2024-36831

Published: Dic 17, 2024 Last Modified: Mag 21, 2025
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: low

Description

AI Translation Available

A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request without authentication.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0019
Percentile
0,4th
Updated

EPSS Score Trend (Last 90 Days)

476

NULL Pointer Dereference

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands Read Memory Modify Memory
Applicable Platforms
Languages: C, C#, C++, Go, Java
Likelihood of Exploit: Medium
View CWE Details
Operating System

Dap-1520 Firmware by Dlink

Product Information
Vendor Dlink
Product Dap-1520 Firmware
Version 1.10b04
cpe:2.3:o:dlink:dap-1520_firmware:1.10b04:beta02:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://docs.google.com/document/d/15CVb7XHIgtfeW1W1pLZJWvl…
Permissions Required
https://docs.google.com/document/d/15CVb7XHIgtfeW1W1pLZJWvlBMYN1rtr75vqZqf1v3Eo…
https://supportannouncement.us.dlink.com/security/publicati…
Vendor Advisory
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10395
https://www.dlink.com/en
Product
https://www.dlink.com/en
https://www.dlink.com/en/security-bulletin/
Product
https://www.dlink.com/en/security-bulletin/