← back
CVE-2016-6563

D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action

EPSS 79.9%CWE-121
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
Affected products
D-Link · DIR-818L(W)D-Link · DIR-822D-Link · DIR-823D-Link · DIR-850LD-Link · DIR-868LD-Link · DIR-880LD-Link · DIR-885LD-Link · DIR-890LD-Link · DIR-895L
public PoCs found2
cve_referencewww.exploit-db.com/exploits/40805/unverifiedexploitdbwww.exploit-db.com/exploits/40805unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2016/Nov/38https://www.exploit-db.com/exploits/40805/https://www.kb.cert.org/vuls/id/677427http://www.securityfocus.com/bid/94130