{"uuid": "c5dd8818-ac82-48d5-a1f8-7f1d560a4267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0769", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19523", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-0769\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler. The manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251666 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n\ud83d\udccf Published: 2024-01-21T08:00:05.383Z\n\ud83d\udccf Modified: 2025-06-25T19:27:13.296Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.251666\n2. https://vuldb.com/?ctiid.251666\n3. https://github.com/c2dc/cve-reported/blob/main/CVE-2024-0769/CVE-2024-0769.md\n4. https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10371", "creation_timestamp": "2025-06-25T19:48:02.000000Z"}