Submeter #780439: D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflowinformação

TítuloD-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow
DescriçãoWe found an stack overflow vulnerability in D-Link Technology NAS device with firmware which was released recently, allows remote attackers to crash the server.In cgi_addgroup_get_group_quota_minsize function, name is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the name to execute arbitrary code.
Fonte⚠️ https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_169/169.md
Utilizador
 Ziyue Xie (UID 89123)
Submissão15/03/2026 14h39 (há 22 dias)
Moderação31/03/2026 12h30 (16 days later)
EstadoAceite
Entrada VulDB354349 [D-Link DNS-1550-04 até 20260205 /cgi-bin/account_mgr.cgi cgi_addgroup_get_group_quota_minsize Nome Excesso de tampão]
Pontos20

VoltarVisão GeralPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!