| Название | D-Link DIR-823X 240126、240802 NULL Pointer Dereference |
|---|
| Описание | This vulnerability exists in the set_wifi_blacklists function of the DIR-823X router.
The vulnerability is triggered by sending a specially crafted POST request (for example, containing macList="jX%n") which causes memory access anomalies when the server parses these malicious parameters. Specifically, during processing, the code attempts to dereference an invalid memory address, causing the program to crash. This vulnerability is related to the passing of the macList parameter and the execution of the strlen function. The input data is not sufficiently validated and processed, allowing attackers to exploit this vulnerability. |
|---|
| Источник | ⚠️ https://tasty-foxtrot-3a8.notion.site/D-link-DIR-823X-set_wifi_blacklists-Vulnerability-1870448e619580e5bf09cf628692f7a9?pvs=73 |
|---|
| Пользователь | hand_king (UID 77354) |
|---|
| Представление | 26.01.2025 07:03 (1 Год назад) |
|---|
| Модерация | 07.02.2025 10:37 (12 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 294933 [D-Link DIR-823X 240126/240802 HTTP POST Request set_wifi_blacklists macList отказ в обслуживании] |
|---|
| Баллы | 17 |
|---|