Stack-based Buffer Overflow in D-Link DIR-859 Router
CVE-2022-25106

5.5MEDIUM

Key Information:

Vendor
D-Link
Status
Dir-859 Firmware
Vendor
CVE Published:
4 March 2022

Summary

The D-Link DIR-859 version 1.05 is susceptible to a stack-based buffer overflow through a vulnerability in the function genacgi_main. This flaw enables attackers to execute crafted payloads that can lead to a Denial of Service (DoS) condition, compromising the functionality of the router and potentially disrupting network services.

References

https://www.dlink.com/en/security-bulletin/
x_refsource_MISC
https://github.com/chunklhit/cve/blob/master/dlink/DIR859...
x_refsource_MISC
https://supportannouncement.us.dlink.com/announcement/pub...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.