Buffer Overflow Vulnerability in D-Link DAP-2660 Wireless Access Point
CVE-2023-39749

9.8CRITICAL

Key Information:

Vendor: D-Link
Status: Dap-2660 Firmware
Vendor: CVE Published:; 21 August 2023

What is CVE-2023-39749?

The D-Link DAP-2660 wireless access point version 1.13 is susceptible to a buffer overflow vulnerability located in the /adv_resource component. This issue arises when an attacker sends a specially crafted GET request, potentially allowing for the execution of malicious code and unauthorized access. It is crucial for users to secure their devices promptly to mitigate risks associated with this vulnerability.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/a101e-IoTvul/iotvul/blob/main/d-link/2...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2023
Vulnerability Reserved
Aug 7, 2023