Buffer Overflow Vulnerability in ACME Micro_httpd Affecting D-Link and NetGear Routers
CVE-2014-4927

Currently unrated

Key Information:

Vendor

Netgear
Status
Wgr614
Micro Httpd
Mr-adsl-dg834
Dsl2750u
Vendor
CVE Published:
24 July 2014

What is CVE-2014-4927?

A buffer overflow vulnerability exists in the ACME micro_httpd server component utilized in several D-Link and NetGear router models. This flaw allows a remote attacker to send a specially crafted long string in the URI of a GET request, which can lead to a denial of service condition by crashing the affected router. Products specifically impacted include the D-Link DSL2750U, DSL2740U, and NetGear models WGR614 and MR-ADSL-DG834, necessitating immediate attention for securing network devices against potential exploitation.

References

http://www.exploit-db.com/exploits/34102
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/68746
vdb-entryx_refsource_BID
http://osvdb.org/show/osvdb/109356
vdb-entryx_refsource_OSVDB

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.