Stack Overflow Vulnerability in D-Link DIR-816 A2
CVE-2022-43003

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dir-816 Firmware
Vendor: CVE Published:; 26 October 2022

What is CVE-2022-43003?

The D-Link DIR-816 A2 version 1.10 B05 has been identified to have a stack overflow vulnerability in the setRepeaterSecurity function, which is exploited through the pskValue parameter. This flaw could allow attackers to manipulate the system's stack, potentially leading to unauthorized execution of code or system crashes. Users are advised to check for the latest firmware updates to mitigate this security risk.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/hunzi0/VulInfo/tree/main/D-Link/DIR-81...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 26, 2022
Vulnerability Reserved
Oct 17, 2022