提交 #802868: D-Link DI-8100 16.07.26A1 Denial of Service
| 标题 | D-Link DI-8100 16.07.26A1 Denial of Service |
|---|---|
| 描述 | A critical stack-based buffer overflow vulnerability exists in the file_exten.asp CGI script of the DI-8100 router firmware. The vulnerability is triggered when processing the name parameter with an overly long string during file extension configuration operations (opt=add or opt=mod). An authenticated attacker can exploit this flaw to execute arbitrary code on the underlying system, potentially leading to complete device compromise, denial of service, or lateral movement within the network. |
| 来源 | ⚠️ https:/ |
| 用户 | draw (UID 64399) |
| 提交 | 2026-04-11 17時00分 (2 月前) |
| 管理 | 2026-04-27 19時44分 (16 days later) |
| 状态 | 已接受 |
| VulDB条目 | 359856 [D-Link DI-8100 16.07.26A1 File Extension file_exten.asp file_exten_asp 名称 内存损坏] |
| 积分 | 20 |