Buffer Overflow Vulnerability in D-Link Go-RT-AC750 Routers

CVE-2022-37055

What is CVE-2022-37055?

CVE-2022-37055 is a critical buffer overflow vulnerability identified in D-Link Go-RT-AC750 routers, specifically in the firmware versions GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02. This vulnerability arises from improper handling of input in certain web-based management interfaces, such as cgibin and hnap_main. A successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on the affected devices, compromising their security and functionality. The Go-RT-AC750 routers are commonly used for home and small office networking, making this vulnerability particularly concerning, as it could grant unauthorized access to network resources and sensitive data.

Potential impact of CVE-2022-37055

1. Remote Code Execution: Attackers can potentially exploit this vulnerability to execute arbitrary code on the affected routers. This can lead to full control of the device, enabling malicious activities such as intercepting network traffic or launching further attacks on connected devices within the network.

2. Network Compromise: By gaining control over the router, malicious actors can access all devices connected to the network, potentially allowing unauthorized access to sensitive information, data breaches, or further infiltration into more secure environments.

3. Increased Risk of Malware Deployment: Control over the compromised routers can be leveraged to install and propagate malware within the local network, expose the organization to ransomware threats, or utilize the device for launching distributed denial-of-service (DDoS) attacks against other targets.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References