Stack Overflow Vulnerability in D-Link DIR823G Router
CVE-2023-29665

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dir-823g Firmware
Vendor: CVE Published:; 17 April 2023

Summary

The D-Link DIR823G router, version V1.0.2B05, has a security vulnerability that allows for a stack overflow through the NewPassword parameters in the SetPasswdSettings function. This flaw could potentially enable unauthorized access or control over the device, emphasizing the need for users to review their security settings and apply necessary updates promptly.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/726232111/VulIoT/tree/main/D-Link/DIR8...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 17, 2023
Vulnerability Reserved
Apr 7, 2023