Stack-based Buffer Overflow Remote Code Execution Vulnerability in D-Link DAP-1325 Routers
CVE-2023-44408

8.8HIGH

Key Information:

Vendor: D-link
Status: Dap-1325
Vendor: CVE Published:; 3 May 2024

Summary

The D-Link DAP-1325 is affected by a significant vulnerability that arises from inadequate validation of XML data length provided to the HNAP1 SOAP endpoint. This flaw facilitates potential exploitation by allowing network-adjacent attackers to execute arbitrary code on vulnerable installations without the need for authentication. The vulnerability occurs due to a stack-based buffer overflow stemming from the failure to properly restrict the length of user-supplied input, thereby providing attackers an opportunity to run code with root privileges.

Affected Version(s)

DAP-1325 1.07b01

References

https://www.zerodayinitiative.com/advisories/ZDI-23-1506/

x_research-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Sep 28, 2023