Rewterz Threat Advisory – ICS: Hitachi Vantara Pentaho Vulnerability
March 4, 2024Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs
March 4, 2024Rewterz Threat Advisory – ICS: Hitachi Vantara Pentaho Vulnerability
March 4, 2024Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs
March 4, 2024Severity
Medium
Analysis Summary
CVE-2024-27655 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a buffer overflow. By sending a specially crafted request using the SOAPACTION parameter, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27656 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a buffer overflow. By sending a specially crafted request using the Cookie parameter, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27657 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a buffer overflow. By sending a specially crafted request using the User-Agent parameter, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27658 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a NULL pointer dereferences in sub_4484A8(). A remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27659 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a NULL pointer dereferences in sub_42AF30(). A remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27660 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a NULL pointer dereferences in sub_41C488(). A remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27661 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a NULL pointer dereferences in sub_4484A8(). A remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-27662 CVSS:5.3
D-Link DIR-823G is vulnerable to a denial of service, caused by a NULL pointer dereferences in sub_4110f4(). A remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2024-27655
- CVE-2024-27656
- CVE-2024-27657
- CVE-2024-27658
- CVE-2024-27659
- CVE-2024-27660
- CVE-2024-27661
- CVE-2024-27662
Affected Vendors
D-Link
Affected Products
- D-Link DIR-823G 1.0.2B05
Remediation
Refer to D-Link Website for patch, upgrade, or suggested workaround information.