| タイトル | D-Link DIR-825 C1_FW3.00b32 Buffer Overflow |
|---|
| 説明 | A stack-based buffer overflow exists in the `miniupnpd` implementation used by D-Link DIR-825. The issue is reachable through the LAN-side UPnP SOAP interface during `AddPortMapping` processing.
An attacker on the local network can send a crafted `AddPortMapping` request with an oversized `NewPortMappingDescription` value. When the request updates an existing port mapping, the description is written to a fixed-size stack buffer via `sprintf()` without length validation, leading to memory corruption. |
|---|
| ソース | ⚠️ https://tzh00203.notion.site/D-Link-DIR-825-miniupnpd-AddPortMapping-Stack-Overflow-337b5c52018a8028988ecc9daded409e |
|---|
| ユーザー | tian (UID 93438) |
|---|
| 送信 | 2026年04月07日 13:06 (21 日 ago) |
|---|
| モデレーション | 2026年04月26日 09:38 (19 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 359644 [D-Link DIR-825 迄 3.00b32 miniupnpd upnpsoap.c AddPortMapping NewPortMappingDescription メモリ破損] |
|---|
| ポイント | 17 |
|---|