Buffer Overflow Vulnerability in D-Link DIR-816 and DIR-878 Products
CVE-2022-36620

7.5HIGH

Key Information:

Vendor
D-Link
Status
Dir-816 Firmware
Vendor
CVE Published:
31 August 2022

Summary

The D-Link DIR-816 and DIR-878 routers are susceptible to a buffer overflow vulnerability through the '/goform/addRouting' endpoint. This issue could allow an attacker to execute arbitrary code, potentially compromising device functionality and network integrity. Users are advised to monitor their devices for any unusual activity and apply available updates to mitigate this risk.

References

https://www.dlink.com/en/security-bulletin/
https://github.com/z1r00/IOT_Vul/blob/main/dlink/Dir816/a...
https://github.com/726232111/VulIoT/tree/main/D-Link/DIR-...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.