Stack Buffer Overflow in D-Link DIR-809 Devices
CVE-2021-33267

9.8CRITICAL

Key Information:

Vendor
D-Link
Status
Dir-809 Firmware
Vendor
CVE Published:
1 December 2021

Summary

The D-Link DIR-809 wireless router is susceptible to a stack buffer overflow vulnerability within the function FUN_80034d60 located in the /formStaticDHCP component. This vulnerability can be exploited by sending a specially crafted POST request to the device, potentially allowing an attacker to execute arbitrary code or cause a denial of service. All versions of the DIR-809 firmware before DIR-809Ax_FW1.12WWB03_20190410 are affected, making it crucial for users to update their devices to mitigate the risks associated with this vulnerability.

References

https://www.dlink.com/en/security-bulletin/
x_refsource_MISC
https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR8...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.