CVE-2024-6044: D-Link router - Arbitrary File Reading

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-6044

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

D-Link router - Arbitrary File Reading

Source: NVD (National Vulnerability Database)

Vulnerability Description

Certain models of D-Link wireless routers have a path traversal vulnerability. Unauthenticated attackers on the same local area network can read arbitrary system files by manipulating the URL.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

对路径名的限制不恰当(路径遍历)

Source: NVD (National Vulnerability Database)

Vulnerability Title

D-Link Routers 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

D-Link Routers是中国友讯（D-Link）公司的一款路由器。 D-Link Routers 存在路径遍历漏洞。攻击者利用该漏洞可以通过操纵URL读取任意系统文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
D-Link	G403	earlier ~ 1.10.01	-
D-Link	G415	earlier ~ 1.10.01	-
D-Link	G416	earlier ~ 1.10.01	-
D-Link	M18	earlier ~ 1.10.01	-
D-Link	R03	earlier ~ 1.10.01	-
D-Link	R04	earlier ~ 1.10.01	-
D-Link	R12	earlier ~ 1.10.01	-
D-Link	R18	earlier ~ 1.10.01	-
D-Link	E30	earlier ~ 1.10.02	-
D-Link	M30	earlier ~ 1.10.02	-
D-Link	M32	earlier ~ 1.10.02	-
D-Link	M60	earlier ~ 1.10.02	-
D-Link	R32	earlier ~ 1.10.02	-
D-Link	E15	earlier ~ 1.20.01	-
D-Link	R15	earlier ~ 1.20.01	-

II. Public POCs for CVE-2024-6044

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-6044

Please Login to view more intelligence information

https://www.twcert.org.tw/tw/cp-132-7877-b4674-1.htmlthird-party-advisory
https://www.twcert.org.tw/en/cp-139-7878-7c3d9-2.htmlthird-party-advisory
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-6044

IV. Related Vulnerabilities

Same product: G403

CVE-2024-6045
D-Link router - Hidden Backdoor

Same vendor: D-Link

Same weakness: CWE-22

V. Comments for CVE-2024-6044

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2024-6044

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-6044

III. Intelligence Information for CVE-2024-6044

IV. Related Vulnerabilities

V. Comments for CVE-2024-6044

Leave a comment