CVE-2024-0769 — Actively Exploited: DIR-859 Router (D-Link)
D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Request Handler. Manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml allows for the leakage of session data potentially enabling privilege escalation and
| CVE ID | CVE-2024-0769 |
|---|---|
| Vendor | D-Link |
| Product | DIR-859 Router |
| Vulnerability name | D-Link DIR-859 Router Path Traversal Vulnerability |
| Date added | 2025-06-25 |
| Remediation due | 2025-07-16 |
| Known ransomware use | Unknown |
| Required action | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. |
| Description | D-Link DIR-859 routers contain a path traversal vulnerability in the file /hedwig.cgi of the component HTTP POST Request Handler. Manipulation of the argument service with the input ../../../../htdocs/webinc/getcfg/DHCPS6.BRIDGE-1.xml allows for the leakage of session data potentially enabling privilege escalation and unauthorized control of the device. This vulnerability affects legacy D-Link pro |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →