CVE-2024-40505
CRITICALDescription
Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.
Is your site exposed to CVE-2024-40505?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dlink | dap-1650_firmware |
| dlink | dap-1650 |
References
Frequently Asked Questions
What is CVE-2024-40505? +
How severe is CVE-2024-40505? +
What products are affected by CVE-2024-40505? +
How do I check if I'm vulnerable to CVE-2024-40505? +
Related Vulnerabilities
Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x contain a path traversal vulnerability in the download_debuglog_file.php endpoint used for …
A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not …
Path Traversal vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows Retrieve Embedded Sensitive Data.This issue affects airleader MASTER: 3.0046.
DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability
`oak` is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. …
The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability. Malicious application can supply malicious URI path …