Submit #780435: D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflowinfo

TitelD-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow
BeschreibungWe found an stack overflow vulnerability in D-Link Technology NAS device with firmware which was released recently, allows remote attackers to crash the server.In Webdav_Upload_File function, filename is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the filename to execute arbitrary code.
Quelle⚠️ https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_166/166.md
Benutzer
 Ziyue Xie (UID 89123)
Einreichung15.03.2026 14:38 (vor 19 Tagen)
Moderieren31.03.2026 12:29 (16 days later)
StatusAkzeptiert
VulDB Eintrag354348 [D-Link DNS-1550-04 bis 20260205 /cgi-bin/webdav_mgr.cgi Webdav_Upload_File f_file Pufferüberlauf]
Punkte19

ZurückÜbersichtWeiter

Interested in the pricing of exploits?

See the underground prices here!