Buffer Overflow Vulnerability in D-Link DIR-842 Router
CVE-2023-39666

9.8CRITICAL

Key Information:

Vendor
D-Link
Status
Dir-842 Firmware
Vendor
CVE Published:
18 August 2023

Summary

The D-Link DIR-842 router is susceptible to multiple buffer overflow vulnerabilities found within the fgets function. This issue is specifically exploitative through the acStack_120 and acStack_220 parameters, potentially allowing attackers to execute arbitrary code or disrupt service. Proper validation and sanitization of input parameters should be implemented to mitigate this security risk.

References

https://www.dlink.com/en/security-bulletin/
https://support.dlink.com/
https://github.com/Davidteeri/Bug-Report/blob/main/D-Link...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.