CVE-2017-14948 in DIR-880Linfo

Zusammenfassung

von MITRE

Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with ''boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

29.09.2017

Moderieren

akzeptiert

Eintrag

VDB-143469

CPE

bereit

CWE

CWE-120 (bestätigt)

CVSS

9.8 (NVD)

EPSS

0.03012

KEV

nein

Aktivitäten

very low

Sektor

Insurance, Energy, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-14948
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-14948
CVE Details	https://www.cvedetails.com/cve/CVE-2017-14948/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!