提交 #780439: D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow信息

标题D-Link DNS-120/202L/315L/320/320L/320LW/321/322L/323/325/326/327L/326/340L/343/345/726-4/1100-4/1200-05/1550-04 up to 20260205 Stack-based Buffer Overflow
描述We found an stack overflow vulnerability in D-Link Technology NAS device with firmware which was released recently, allows remote attackers to crash the server.In cgi_addgroup_get_group_quota_minsize function, name is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the name to execute arbitrary code.
来源⚠️ https://github.com/wudipjq/my_vuln/blob/main/D-Link8/vuln_169/169.md
用户
 Ziyue Xie (UID 89123)
提交2026-03-15 14時39分 (4 月前)
管理2026-03-31 12時30分 (16 days later)
状态已接受
VulDB条目354349 [D-Link DNS-1550-04 直到 20260205 /cgi-bin/account_mgr.cgi cgi_addgroup_get_group_quota_minsize 名称 内存损坏]
积分20

Might our Artificial Intelligence support you?

Check our Alexa App!