D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2023-37326
8.8HIGH
What is CVE-2023-37326?
A significant vulnerability has been identified in D-Link DAP-2622 routers that can lead to remote code execution without any authentication. This flaw arises from inadequate validation of user-supplied data within the DDP service, leading to a stack-based buffer overflow. Attackers with network access can exploit this vulnerability to run arbitrary code in the context of root privileges, potentially compromising the integrity and security of the device and the network it is a part of.
Affected Version(s)
DAP-2622 1.00 dated 16-12-2020