CVE-2016-6563

Public Exploit

D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action

Description

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.

References

Link	Tags
https://www.exploit-db.com/exploits/40805/	exploit vdb entry third party advisory
https://www.kb.cert.org/vuls/id/677427	third party advisory us government resource
http://www.securityfocus.com/bid/94130	vdb entry third party advisory
http://seclists.org/fulldisclosure/2016/Nov/38	mailing list exploit third party advisory

Frequently Asked Questions

What is the severity of CVE-2016-6563?: CVE-2016-6563 has been scored as a critical severity vulnerability.
How to fix CVE-2016-6563?: To fix CVE-2016-6563, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2016-6563 being actively exploited in the wild?: It is possible that CVE-2016-6563 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~88% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2016-6563?: CVE-2016-6563 affects D-Link DIR-823, D-Link DIR-822, D-Link DIR-818L(W), D-Link DIR-895L, D-Link DIR-890L, D-Link DIR-885L, D-Link DIR-880L, D-Link DIR-868L, D-Link DIR-850L.

Description

Categories

CWE-121 – Stack-based Buffer Overflow

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

References

Frequently Asked Questions