提出 #780435: D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow情報

タイトルD-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow
説明We found an stack overflow vulnerability in D-Link Technology NAS device with firmware which was released recently, allows remote attackers to crash the server.In Webdav_Upload_File function, filename is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the filename to execute arbitrary code.
ソース⚠️ https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_166/166.md
ユーザー
 Ziyue Xie (UID 89123)
送信2026年03月15日 14:38 (20 日 ago)
モデレーション2026年03月31日 12:29 (16 days later)
ステータス承諾済み
VulDBエントリ354348 [D-Link DNS-1550-04 迄 20260205 /cgi-bin/webdav_mgr.cgi Webdav_Upload_File f_file メモリ破損]
ポイント19

概要

Do you know our Splunk app?

Download it now for free!