Memory Corruption Flaw in D-Link DSL-3782 European Devices
CVE-2018-10747
8.8HIGH
What is CVE-2018-10747?
A memory corruption vulnerability has been identified in the D-Link DSL-3782 EU 1.01 devices. Authenticated users can exploit this issue by passing a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary within the Diagnostics component. This manipulation leads to memory corruption, allowing attackers to redirect program flow and execute arbitrary code, which could lead to severe security breaches.