CVE-2024-6044

Certain models of D-Link wireless routers have a path traversal vulnerability. Unauthenticated attackers on the same local area network can read arbitrary system files by manipulating the URL.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
twcertCNA
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Common Weakness Enumeration
References
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398
https://www.twcert.org.tw/en/cp-139-7878-7c3d9-2.html
https://www.twcert.org.tw/tw/cp-132-7877-b4674-1.html
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10398
https://www.twcert.org.tw/en/cp-139-7878-7c3d9-2.html
https://www.twcert.org.tw/tw/cp-132-7877-b4674-1.html