The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
Solution:
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
The product writes data past the end, or before the beginning, of the intended buffer.
Link | Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8082-f1687-1.html | third party advisory |
https://www.twcert.org.tw/en/cp-139-8083-a299e-2.html | third party advisory |