Submit #724404: D-Link DIR-600 v2.15WWb02 and possibly earlier versions Stack-based Buffer Overflow

Title: D-Link DIR-600 v2.15WWb02 and possibly earlier versions Stack-based Buffer Overflow
Description: A stack-based buffer overflow vulnerability exists in the D-Link DIR-600 router firmware within the CGI binary "hedwig.cgi". The vulnerability is triggered via an overly long HTTP Cookie header, which is insufficiently validated before being copied into a fixed-size stack buffer. An unauthenticated remote attacker can exploit this issue by sending a crafted HTTP POST request containing a malicious Cookie value, leading to stack memory corruption. Successful exploitation allows precise control of saved registers and return addresses, enabling execution of arbitrary code in the context of the embedded web server. The vulnerability can be reliably exploited on MIPS little-endian systems by constructing a return-oriented programming (ROP) chain followed by custom shellcode, resulting in remote code execution with root privileges.
Source: https://github.com/LonTan0/CVE/blob/main/Stack-Based%20Buffer%20Overflow%20Vulnerability%20in%20hedwig.cgi%20of%20D-Link%20DIR-600.md
User: LonTan0 (UID 84934)
Submission: 12/25/2025 10:25 (3 months ago)
Moderation: 12/28/2025 10:32 (3 days later)
Status: Accepted
VulDB entry: 338581 [D-Link DIR-600 up to 2.15WWb02 HTTP Header hedwig.cgi Cookie stack-based overflow]
Points: 20