Heap Buffer Overflow in D-Link DIR-619L Router
CVE-2020-19323

7.5HIGH

Key Information:

Vendor: D-Link
Status: Dir-619l Firmware
Vendor: CVE Published:; 11 September 2023

Summary

A heap buffer overflow vulnerability exists in the mini_upnpd service of D-Link DIR-619L routers running firmware version 2.06beta. This flaw allows remote attackers to initiate a forced restart of the device by sending a specially crafted M-search request that exploits the ST parameter. The impact of this vulnerability is significant as it does not require any form of authentication, allowing unauthorized users to disrupt the device functionality easily.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/hhhhu8045759/619L_upnpd_heapoverflow

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2023
Vulnerability Reserved
Aug 13, 2020

Collectors

NVD DatabaseMitre Database