| Title | D-Link DIR-600 v2.15WWb02 and possibly earlier versions Stack-based Buffer Overflow |
|---|---|
| Description | A stack-based buffer overflow vulnerability exists in the D-Link DIR-600 router firmware within the CGI binary "hedwig.cgi". The vulnerability is triggered via an overly long HTTP Cookie header, which is insufficiently validated before being copied into a fixed-size stack buffer. An unauthenticated remote attacker can exploit this issue by sending a crafted HTTP POST request containing a malicious Cookie value, leading to stack memory corruption. Successful exploitation allows precise control of saved registers and return addresses, enabling execution of arbitrary code in the context of the embedded web server. The vulnerability can be reliably exploited on MIPS little-endian systems by constructing a return-oriented programming (ROP) chain followed by custom shellcode, resulting in remote code execution with root privileges. |
| Source | ⚠️ https://github.com/LonTan0/CVE/blob/main/Stack-Based%20Buffer%20Overflow%20Vulnerability%20in%20hedwig.cgi%20of%20D-Link%20DIR-600.md |
| User | LonTan0 (UID 84934) |
| Submission | 2025-12-25 10:25 (3 months ago) |
| Moderation | 2025-12-28 10:32 (3 days later) |
| Status | Accepted |
| VulDB Entry | 338581 [D-Link DIR-600 up to 2.15WWb02 HTTP Header hedwig.cgi Cookie memory corruption] |
| Points | 20 |