CVE-2024-33345 is a vulnerability identified in the D-Link DIR-823G A1V1.0.2B05 router firmware. The flaw is a null-pointer dereference located in the main function of the upload_firmware.cgi component. This CGI script is responsible for handling firmware upload requests on the device. An attacker can send specially crafted input to this endpoint, causing the software to dereference a null pointer, which leads to a denial of service (DoS) condition by crashing or freezing the device. The vulnerability requires no authentication (PR:N) but does require user interaction (UI:R), meaning the attacker must send the malicious request directly to the device. The CVSS v3.1 base score is 6.5, reflecting a medium severity level, with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), no confidentiality or integrity impact (C:N/I:N), and high impact on availability (A:H). No patches or fixes have been released at the time of publication, and no known exploits are reported in the wild. The underlying issue corresponds to CWE-476 (NULL Pointer Dereference), a common programming error that can cause system crashes. This vulnerability primarily affects the availability of the device, potentially disrupting network connectivity for users relying on this router model.

The primary impact of CVE-2024-33345 is a denial of service condition on affected D-Link DIR-823G routers. This can cause network outages or interruptions for home users, small businesses, or organizations using this device as part of their network infrastructure. Since the vulnerability can be exploited remotely without authentication, attackers can disrupt network availability from anywhere on the internet if the device is exposed. Although the vulnerability does not compromise confidentiality or integrity, the loss of availability can affect business operations, remote work, and critical communications. In environments where these routers serve as gateways or access points, the DoS could lead to significant operational downtime. The lack of a patch increases the risk window, and the requirement for user interaction means attackers must directly target the device with crafted requests. Overall, the impact is moderate but could be severe in environments heavily dependent on this hardware without alternative failover mechanisms.

To mitigate CVE-2024-33345, organizations and users should first restrict external access to the router’s management interfaces, especially the upload_firmware.cgi endpoint. Implement network-level protections such as firewall rules or intrusion prevention systems (IPS) to block or monitor suspicious HTTP requests targeting this CGI script. Disable remote management features if not required, or restrict them to trusted IP addresses. Regularly monitor router logs for unusual or malformed requests that could indicate exploitation attempts. Since no official patch is available, consider upgrading to newer firmware versions or alternative hardware models if possible. Employ network segmentation to isolate vulnerable devices from critical infrastructure. Additionally, inform users about the risk and advise against interacting with untrusted networks or links that could trigger the vulnerability. Once a patch is released, apply it promptly to eliminate the vulnerability. Maintain an incident response plan to quickly recover from potential DoS events caused by exploitation.