CVE-2024-57440
Published: 20 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2024-57440 is a stack-based buffer overflow vulnerability (CWE-121) in the D-Link DSL-3788 revA1 router running firmware version 1.01R1B036_EU_EN. The flaw occurs in the COMM_MAKECustomMsg function of the webproc CGI handler. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), reflecting a high availability impact with no effect on confidentiality or integrity.
An unauthenticated remote attacker with network access can exploit this vulnerability with low attack complexity and no user interaction. Exploitation triggers a buffer overflow, causing the affected CGI process to crash and resulting in a denial-of-service condition on the device.
D-Link has published security advisories addressing this issue, including support announcement SAP10418 available at https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10418 and the general security bulletin page at https://www.dlink.com/en/security-bulletin/. Additional technical details on discovery via fuzzing are provided in a related blog post at https://blog.sparrrgh.me/fuzzing/embedded/2025/01/26/fuzzing-embedded-systems-2.html. Security practitioners should consult these for patch availability and mitigation guidance.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a remote unauthenticated stack buffer overflow in the public-facing webproc CGI handler, directly enabling exploitation of a public-facing application to cause denial of service.