Enviar #809888: D-Link DCS-935L ≤1.10.01 Buffer Overflowinformación

TítuloD-Link DCS-935L ≤1.10.01 Buffer Overflow
DescripciónThis vulnerability exists in the HNAP service handler of the D-Link DCS-935L firmware. An attacker can exploit a flaw in `AESDecrypt` and its underlying decoding function by sending a specially crafted malicious XML request, triggering a stack-based buffer overflow and subsequently achieving Remote Code Execution (RCE).
Fuente⚠️ https://github.com/0xcc12138/DCS-935L-HNAP-Service-CVE
Usuario
 0xcc12138 (UID 97530)
Sumisión2026-04-22 10:22 (hace 1 mes)
Moderación2026-05-10 17:16 (18 days later)
EstadoAceptado
Entrada de VulDB362557 [D-Link DCS-935L hasta 1.10.01 HNAP Service hnap_service SetDeviceSettings AdminPassword desbordamiento de búfer]
Puntos19

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!