| عنوان | D-Link DI-8100 1.0 Buffer Overflow |
|---|
| الوصف | A stack-based buffer overflow vulnerability exists in the ddns_asp function of the jhttpd web server, which is commonly used in embedded devices. This vulnerability arises due to improper handling of user-supplied input in the ddns.asp request handler when the opt=add parameter is specified.
Vulnerability Details:
Component Affected: jhttpd web server
Vulnerable Function: ddns_asp (Dynamic DNS configuration handler)
Trigger Condition: Sending a crafted HTTP GET request to /ddns.asp with the opt=add parameter
User Input: Parameters such as mx= are concatenated into a local stack buffer using the unsafe sprintf() function
Lack of Input Validation: No length checks are performed on the input, allowing an attacker to supply overly long values
Impact:
The excessive input can overflow the fixed-size stack buffer, potentially overwriting the return address of the function
This leads to a denial of service (DoS) via segmentation fault
More critically, this vulnerability could be exploited for remote code execution (RCE) if the attacker can precisely control the overwritten return address and inject malicious payload or ROP chain |
|---|
| المصدر | ⚠️ https://github.com/buobo/bo-s-CVE/blob/main/DI-8100/wp.md |
|---|
| المستخدم | bazhuayu (UID 86763) |
|---|
| ارسال | 18/07/2025 08:01 PM (11 أشهر منذ) |
|---|
| الاعتدال | 19/07/2025 09:06 PM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 317023 [D-Link DI-8100 1.0 jhttpd /ddns.asp?opt=add sprintf mx تلف الذاكرة] |
|---|
| النقاط | 20 |
|---|