Buffer Overflow in D-LINK DI-8003 Affects User Security
CVE-2024-52754

4.9MEDIUM

Key Information:

Vendor: D-Link
Status: Di-8003 Firmware
Vendor: CVE Published:; 20 November 2024

Summary

The D-LINK DI-8003 version 16.07.16A1 is impacted by a buffer overflow vulnerability in the tgfile_htm function. This vulnerability arises from improper handling of the 'fn' parameter, potentially allowing an attacker to execute arbitrary code, leading to a compromise of system integrity. Users are advised to review security measures and monitor for any signs of exploitation.

References

https://www.dlink.com/en/security-bulletin/

https://github.com/faqiadegege/IoTVuln/blob/main/DI_8003_...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2024