| Title | D-Link DI-8100 1.0 Buffer Overflow |
|---|
| Description | A stack-based buffer overflow vulnerability exists in the ddns_asp function of the jhttpd web server, which is commonly used in embedded devices. This vulnerability arises due to improper handling of user-supplied input in the ddns.asp request handler when the opt=add parameter is specified.
Vulnerability Details:
Component Affected: jhttpd web server
Vulnerable Function: ddns_asp (Dynamic DNS configuration handler)
Trigger Condition: Sending a crafted HTTP GET request to /ddns.asp with the opt=add parameter
User Input: Parameters such as mx= are concatenated into a local stack buffer using the unsafe sprintf() function
Lack of Input Validation: No length checks are performed on the input, allowing an attacker to supply overly long values
Impact:
The excessive input can overflow the fixed-size stack buffer, potentially overwriting the return address of the function
This leads to a denial of service (DoS) via segmentation fault
More critically, this vulnerability could be exploited for remote code execution (RCE) if the attacker can precisely control the overwritten return address and inject malicious payload or ROP chain |
|---|
| Source | ⚠️ https://github.com/buobo/bo-s-CVE/blob/main/DI-8100/wp.md |
|---|
| User | bazhuayu (UID 86763) |
|---|
| Submission | 07/18/2025 20:01 (9 months ago) |
|---|
| Moderation | 07/19/2025 21:06 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 317023 [D-Link DI-8100 1.0 jhttpd /ddns.asp?opt=add sprintf mx stack-based overflow] |
|---|
| Points | 20 |
|---|