CVE-2024-37605: n/a
CVE-2024-37605 is a medium-severity vulnerability in the D-Link DIR-860L router firmware version REVB_FIRMWARE_2. 04. B04_ic5b. It involves a NULL pointer dereference triggered by a crafted HTTP request, resulting in a Denial of Service (DoS) condition. The vulnerability requires no authentication or user interaction and can be exploited remotely over the network. While it does not impact confidentiality or integrity, it causes service disruption by crashing the device or its HTTP service. No known exploits are currently reported in the wild, and no patches have been published yet. Organizations using this specific router model and firmware version are at risk of network availability issues. Mitigation involves monitoring for firmware updates from D-Link and restricting access to the device's management interface. Countries with significant deployment of D-Link consumer routers, especially in Asia, Europe, and North America, are most likely affected.
AI Analysis
Technical Summary
CVE-2024-37605 is a vulnerability identified in the D-Link DIR-860L router, specifically in the REVB_FIRMWARE_2.04.B04_ic5b version. The flaw is a NULL pointer dereference (CWE-476) that occurs when the device processes a specially crafted HTTP request. This dereference leads to a Denial of Service (DoS) condition by causing the router's HTTP service or the entire device to crash or become unresponsive. The vulnerability can be exploited remotely without any authentication or user interaction, making it accessible to attackers who can send malicious HTTP requests over the network. The CVSS v3.1 base score is 6.5, reflecting a medium severity due to the lack of confidentiality or integrity impact but significant availability disruption. The attack vector is adjacent network (AV:A), meaning the attacker must be on the same local network or connected via VPN or similar means. The vulnerability has been publicly disclosed but no patches or known exploits have been reported yet. This vulnerability highlights the risks in embedded device firmware where improper input validation can lead to service outages. Organizations relying on this router model should be aware of the potential for DoS attacks that could disrupt network connectivity or device management.
Potential Impact
The primary impact of CVE-2024-37605 is the disruption of network availability due to a Denial of Service condition on affected D-Link DIR-860L routers. This can interrupt internet connectivity for users behind the router and potentially affect business operations relying on stable network access. Since the vulnerability does not affect confidentiality or integrity, data theft or manipulation is not a concern here. However, the ease of exploitation without authentication means attackers on the local network or connected remotely via VPN could cause repeated outages, leading to operational downtime and increased support costs. In environments where these routers serve as critical network gateways, such as small offices or home offices, the impact could be significant. The lack of a patch at the time of disclosure increases the window of exposure. Additionally, attackers could use this vulnerability as a distraction or part of a multi-stage attack by causing network outages.
Mitigation Recommendations
To mitigate CVE-2024-37605, organizations should first restrict access to the router's management interface to trusted networks only, using network segmentation and firewall rules to limit exposure. Disable remote management features if not required. Monitor network traffic for unusual HTTP requests targeting the router. Since no official patch is currently available, users should regularly check D-Link's official support channels for firmware updates addressing this issue. Consider replacing affected devices with models that have received security updates if feasible. Employ network-level protections such as intrusion detection/prevention systems (IDS/IPS) that can detect and block malformed HTTP requests. For critical environments, implement redundancy in network gateways to minimize downtime in case of device failure. Educate users about the risks of connecting unknown devices or users to the local network, as exploitation requires network adjacency.
Affected Countries
United States, Canada, United Kingdom, Germany, France, Italy, Spain, Australia, India, Japan, South Korea, Brazil, Mexico
CVE-2024-37605: n/a
Description
CVE-2024-37605 is a medium-severity vulnerability in the D-Link DIR-860L router firmware version REVB_FIRMWARE_2. 04. B04_ic5b. It involves a NULL pointer dereference triggered by a crafted HTTP request, resulting in a Denial of Service (DoS) condition. The vulnerability requires no authentication or user interaction and can be exploited remotely over the network. While it does not impact confidentiality or integrity, it causes service disruption by crashing the device or its HTTP service. No known exploits are currently reported in the wild, and no patches have been published yet. Organizations using this specific router model and firmware version are at risk of network availability issues. Mitigation involves monitoring for firmware updates from D-Link and restricting access to the device's management interface. Countries with significant deployment of D-Link consumer routers, especially in Asia, Europe, and North America, are most likely affected.
AI-Powered Analysis
Technical Analysis
CVE-2024-37605 is a vulnerability identified in the D-Link DIR-860L router, specifically in the REVB_FIRMWARE_2.04.B04_ic5b version. The flaw is a NULL pointer dereference (CWE-476) that occurs when the device processes a specially crafted HTTP request. This dereference leads to a Denial of Service (DoS) condition by causing the router's HTTP service or the entire device to crash or become unresponsive. The vulnerability can be exploited remotely without any authentication or user interaction, making it accessible to attackers who can send malicious HTTP requests over the network. The CVSS v3.1 base score is 6.5, reflecting a medium severity due to the lack of confidentiality or integrity impact but significant availability disruption. The attack vector is adjacent network (AV:A), meaning the attacker must be on the same local network or connected via VPN or similar means. The vulnerability has been publicly disclosed but no patches or known exploits have been reported yet. This vulnerability highlights the risks in embedded device firmware where improper input validation can lead to service outages. Organizations relying on this router model should be aware of the potential for DoS attacks that could disrupt network connectivity or device management.
Potential Impact
The primary impact of CVE-2024-37605 is the disruption of network availability due to a Denial of Service condition on affected D-Link DIR-860L routers. This can interrupt internet connectivity for users behind the router and potentially affect business operations relying on stable network access. Since the vulnerability does not affect confidentiality or integrity, data theft or manipulation is not a concern here. However, the ease of exploitation without authentication means attackers on the local network or connected remotely via VPN could cause repeated outages, leading to operational downtime and increased support costs. In environments where these routers serve as critical network gateways, such as small offices or home offices, the impact could be significant. The lack of a patch at the time of disclosure increases the window of exposure. Additionally, attackers could use this vulnerability as a distraction or part of a multi-stage attack by causing network outages.
Mitigation Recommendations
To mitigate CVE-2024-37605, organizations should first restrict access to the router's management interface to trusted networks only, using network segmentation and firewall rules to limit exposure. Disable remote management features if not required. Monitor network traffic for unusual HTTP requests targeting the router. Since no official patch is currently available, users should regularly check D-Link's official support channels for firmware updates addressing this issue. Consider replacing affected devices with models that have received security updates if feasible. Employ network-level protections such as intrusion detection/prevention systems (IDS/IPS) that can detect and block malformed HTTP requests. For critical environments, implement redundancy in network gateways to minimize downtime in case of device failure. Educate users about the risks of connecting unknown devices or users to the local network, as exploitation requires network adjacency.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2024-06-10T00:00:00.000Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 699f6c68b7ef31ef0b563c2b
Added to database: 2/25/2026, 9:40:56 PM
Last enriched: 2/26/2026, 5:13:46 AM
Last updated: 2/26/2026, 7:16:03 AM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2026-25191: Uncontrolled Search Path Element in Digital Arts Inc. FinalCode Ver.5 series
HighCVE-2026-23703: Incorrect default permissions in Digital Arts Inc. FinalCode Ver.5 series
HighCVE-2026-1311: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in bearsthemes Worry Proof Backup
HighFinding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary], (Tue, Feb 24th)
MediumCVE-2026-2506: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motahar1 EM Cost Calculator
MediumActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.