| Title | D-Link DI-8100 DI-8100-16.07.26A1 Stack-based Buffer Overflow |
|---|---|
| Description | In the ctxz_asp function of the jhttpd file in the DI_8100-16.07.26A1 firmware, the incoming def, defTcp, defUdp, defIcmp, and defO parameters can be controlled by the requester. After sprintf, the resulting values, such as v31, v34, v37, and v40, are copied again into v47 (local variables are on the stack) through a conditional assignment. Because the copy is not length-controlled, it results in a stack overflow, which may lead to denial of service or even command execution. |
| Source | https://github.com/Yhuanhuan01/DI-8100_Vulnerability_Report/blob/main/DI-8100-Vulnerability_Report_ctxz.md |
| User | huan (UID 84420) |
| Submission | 2025-05-13 02:00 PM (1 year ago) |
| Moderation | 2025-05-17 08:14 AM (4 days later) |
| Status | Accepted |
| VulDB Entry | 309436 [D-Link DI-8100 16.07.26A1 Connection Limit Page /ctxz.asp ctxz_asp def/defTcp/defUdp/defIcmp/defOther memory corruption] |
| Points | 20 |