Invia #589221: D-Link DIR816 1.10CNB05 OS Command Injectioninformazioni

TitoloD-Link DIR816 1.10CNB05 OS Command Injection
DescrizioneWe found an stack overflow vulnerability in D-Link router with firmware which was released recently, allows remote attackers to crash the server.(without authentication)In the router's qosClassifier function, dip_address、sip_address is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the dip_address、sip_address to execute arbitrary code.
Fonte⚠️ https://github.com/wudipjq/my_vuln/blob/main/D-Link5/vuln_49/49.md
Utente
 pjqwudi (UID 85106)
Sottomissione03/06/2025 07:25 (1 Anno fa)
Moderazione04/06/2025 13:10 (1 day later)
StatoAccettato
Voce VulDB311107 [D-Link DIR-816 1.10CNB05 /goform/qosClassifier dip_address/sip_address escalationi di privilegi]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Might our Artificial Intelligence support you?

Check our Alexa App!