CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-57045: A vulnerability in the D-Link DIR-859 router with firmware version A3 1.05 and earlier permits unauthorized individuals to bypass the...

Description

A vulnerability in the D-Link DIR-859 router with firmware version A3 1.05 and earlier permits unauthorized individuals to bypass the authentication. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page.

Classification

CVE ID: CVE-2024-57045

Affected Products

Vendor: n/a

Product: n/a

Nuclei Template

http/cves/2024/CVE-2024-57045.yaml

Exploit Prediction Scoring System (EPSS)

EPSS Score: 30.06% (probability of being exploited)

EPSS Percentile: 96.08% (scored less or equal to compared to others)

EPSS Date: 2025-03-19 (when was this score calculated)

References

https://www.dlink.com/en/security-bulletin/
https://github.com/Shuanunio/CVE_Requests/blob/main/D-Link/DIR-859/ACL%20bypass%20Vulnerability%20in%20D-Link%20DIR-859.md

Timeline

2025-02-19 00:31:36 UTC
CVE

A vulnerability in the D-Link DIR-859 router with firmware version A3 1.05 and earlier permits unauthorized individuals to bypass the...