漏洞标题
D-Link DIR-2640 HTTP Referer堆栈基于缓冲区溢出远程代码执行漏洞
漏洞描述信息
D-Link DIR-2640基于HTTP Referer的堆溢出远程代码执行漏洞。此漏洞允许网络附近的攻击者在受影响的D-Link DIR-2640-US路由器安装上执行任意代码。利用此漏洞不需要进行身份验证。
具体问题存在于prog.cgi中,该组件处理向监听TCP端口80和443的lighttpd webserver发出的HNAP请求。该问题源于在将用户提供的数据复制到固定长度的堆栈基缓冲区之前,未能正确验证数据长度。攻击者可以通过此漏洞在root上下文中执行代码。这是ZDI-CAN-21853。
CVSS信息
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
跨界内存写
漏洞标题
D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability
漏洞描述信息
D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within prog.cgi, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21853.
CVSS信息
N/A
漏洞类别
栈缓冲区溢出
漏洞标题
D-Link DIR-2640 安全漏洞
漏洞描述信息
D-Link DIR-2640是中国友讯(D-Link)公司的一款高功率 Wi-Fi 路由器。 D-Link DIR-2640存在安全漏洞,该漏洞源于存在基于栈的缓冲区溢出远程代码执行漏洞,导致攻击者可以执行任意代码。
CVSS信息
N/A
漏洞类别
其他