| عنوان | D-Link DI-8100 DI-8100-16.07.26A1 Stack-based Buffer Overflow |
|---|
| الوصف | In the ddos_asp function of the jhttpd file of the DI_8100-16.07.26A1 firmware, the passed def_max, def_time, def_tcp_max, def_tcp_time, def_udp_max, def_udp_time, def_icmp_max and other parameters are controlled, and then the passed v32, v33, v34, v35, v36, v37 and other parameters are copied to v48 (local variables are on the stack) by sprintf again through the following judgment assignment, but there is no control, resulting in a stack overflow, which may cause a denial of service or even command execution. |
|---|
| المصدر | ⚠️ https://github.com/Yhuanhuan01/DI-8100_Vulnerability_Report/blob/main/Vulnerability_Report.md |
|---|
| المستخدم | huan (UID 84420) |
|---|
| ارسال | 20/04/2025 03:30 PM (1 سنة منذ) |
|---|
| الاعتدال | 10/05/2025 05:21 PM (20 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 308291 [D-Link DI-8100 حتى 16.07.26A1 jhttpd /ddos.asp تلف الذاكرة] |
|---|
| النقاط | 20 |
|---|