Stack Overflow Vulnerability in D-Link Router
CVE-2023-33626

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dir-600 Firmware
Vendor: CVE Published:; 12 June 2023

Summary

A stack overflow vulnerability was identified in the D-Link DIR-600 router, specifically in Hardware Version B5 and Firmware Version 2.18. This vulnerability can be exploited via the 'gena.cgi' binary, which may allow an attacker to execute arbitrary code or cause a denial of service. Users of D-Link DIR-600 should review security bulletins and apply necessary updates to mitigate any potential risks.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/o...

https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/o...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 12, 2023
Vulnerability Reserved
May 22, 2023