Skip to main content

Dcs 932l Firmware CVE-2024-37606

MEDIUM
Classic Buffer Overflow (CWE-120)
2024-12-17 cve@mitre.org
6.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 17, 2024 - 15:15 cve.org
MEDIUM 6.5

DescriptionCVE.org

A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

AnalysisAI

A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. A Stack overflow vulnerability in D-Link DCS-932L REVB_FIRMWARE_2.18.01 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. Affected products include: Dlink Dcs-932L Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

CVE-2017-7852 HIGH POC
8.8 Apr 24

D-Link DCS cameras have a weak/insecure CrossDomain.XML file that allows sites hosting malicious Flash objects to access

CVE-2025-5572 HIGH POC
8.8 Jun 04

A critical stack-based buffer overflow vulnerability exists in D-Link DCS-932L camera firmware version 2.18.01 in the se

CVE-2019-10999 HIGH POC
8.8 May 06

The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. Rated

CVE-2018-18441 HIGH POC
7.5 Dec 20

D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. Rated high severity (CV

CVE-2025-5573 MEDIUM POC
6.3 Jun 04

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the funct

CVE-2025-5571 MEDIUM POC
6.3 Jun 04

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSy

CVE-2021-41504 HIGH
8.0 Sep 24

An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. Rated high severity (CVSS 8.

CVE-2021-41503 HIGH
8.0 Sep 24

DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. Rated high severity (CVSS 8.0), th

CVE-2012-4046 LOW
3.3 Dec 24

The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packe

CVE-2025-4843 HIGH POC
8.7 May 18

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exp

CVE-2025-4842 HIGH POC
8.7 May 17

A vulnerability was found in D-Link DCS-932L 2.18.01. Rated high severity (CVSS 8.7), this vulnerability is remotely exp

CVE-2025-4841 HIGH POC
8.7 May 17

A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Rated high severity (CVSS 8.7), this vu

Share

CVE-2024-37606 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy