| शीर्षक | D-Link DIR-825 C1_FW3.00b32 Buffer Overflow |
|---|
| विवरण | A stack-based buffer overflow exists in the `miniupnpd` implementation used by D-Link DIR-825. The issue is reachable through the LAN-side UPnP SOAP interface during `AddPortMapping` processing.
An attacker on the local network can send a crafted `AddPortMapping` request with an oversized `NewPortMappingDescription` value. When the request updates an existing port mapping, the description is written to a fixed-size stack buffer via `sprintf()` without length validation, leading to memory corruption. |
|---|
| स्रोत | ⚠️ https://tzh00203.notion.site/D-Link-DIR-825-miniupnpd-AddPortMapping-Stack-Overflow-337b5c52018a8028988ecc9daded409e |
|---|
| उपयोगकर्ता | tian (UID 93438) |
|---|
| सबमिशन | 07/04/2026 01:06 PM (20 दिन पहले) |
|---|
| संयम | 26/04/2026 09:38 AM (19 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 359644 [D-Link DIR-825 तक 3.00b32 miniupnpd upnpsoap.c AddPortMapping NewPortMappingDescription बफ़र ओवरफ़्लो] |
|---|
| अंक | 17 |
|---|