#VU67536 Stack-based buffer overflow
Vulnerability identifier: #VU67536
Vulnerability risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-121
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
DIR-878
Hardware solutions /
Routers & switches, VoIP, GSM, etc
DIR-882-US
Hardware solutions /
Routers & switches, VoIP, GSM, etc
DIR-867
Hardware solutions /
Routers for home users
Vendor: D-Link
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the lighttpd service when handling HTTP requests. A remote unauthenticated attacker can send a specially crafted HTTP request to port 80/tcp on the affected device, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
| Model | Hardware Revision | Affected FW | Fixed FW | Recommendation | Last Updated |
| DIR-867 | All Ax Hardware Revisions | v1.30B07 & Below | Under Development |
Pending Release |
03/04/2022 |
| DIR-878 | All Ax Hardware Revisions | v1.30B08-Hotfix & Below | v1.30b08_Beta_Hotfix | Upgrade to Beta Hotfix | 04/01/2022 |
| DIR-882-US | All Ax Hardware Revisions | v1.30B06-Hotfix & Below | Under Development | Pending Release | 03/04/2022 |
Vulnerable software versions
DIR-878: 1.30B08-Hotfix - v1.30b10Beta
DIR-882-US: 1.30B06-Hotfix - v1.30b10Beta
DIR-867: 1.30B07
External links
http://www.zerodayinitiative.com/advisories/ZDI-22-1290/
http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10291
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
