Buffer Overflow Vulnerability in D-Link DSL-3782 Router
CVE-2018-10746
8.8HIGH
What is CVE-2018-10746?
A buffer overflow vulnerability exists in the D-Link DSL-3782 EU 1.01 device, where an authenticated user can exploit a long buffer passed as a 'get' parameter to the '/userfs/bin/tcapi' binary. This issue arises within the Diagnostics component when the 'get <node_name attr>' function is used. The flaw allows for memory corruption, potentially enabling an attacker to redirect program execution flow and execute arbitrary code on the device.