| タイトル | D-Link DIR-825 C1_FW3.00b32 C1_FW3.00b32 Buffer Overflow |
|---|
| 説明 | A stack-based buffer overflow exists in the `nmbd` NetBIOS Name Service daemon of D-Link DIR-825. The daemon processes NetBIOS name queries on UDP port 137 and copies attacker-controlled packet data into a fixed-size stack buffer without validating the length, leading to an out-of-bounds write.
Because this service is typically reachable from the local network without authentication, an attacker on the LAN can crash the service and may be able to achieve arbitrary code execution depending on the runtime environment and mitigations (stack canaries, ASLR, NX, compiler options, etc.). |
|---|
| ソース | ⚠️ https://tzh00203.notion.site/D-Link-DIR-825-nmbd-NetBIOS-Name-Service-Stack-Based-Buffer-Overflow-337b5c52018a80cea1e8d56689928114 |
|---|
| ユーザー | tian (UID 93438) |
|---|
| 送信 | 2026年04月07日 13:05 (21 日 ago) |
|---|
| モデレーション | 2026年04月26日 09:38 (19 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 359643 [D-Link DIR-825 3.00b32 nmbd sserver.c NMBD_process メモリ破損] |
|---|
| ポイント | 17 |
|---|