D-Link routers contain buffer overflow vulnerability
Original Release date: 11 Aug 2016 | Last revised: 12 Aug 2016

Overview
D-Link DIR routers contain a stack-based buffer overflow vulnerability, which may allow a remote attack to execute arbitrary code.

Description

CWE-121: Stack-based Buffer Overflow – CVE-2016-5681
A stack-based buffer overflow occurs in the function within the cgibin binary which validates the session cookie.This function is used by a service which is exposed to the WAN network on port 8181 by default.CVE-2016-5681 has been confirmed to affect:
DIR-850L B1
DIR-822 A1
DIR-823 A1
DIR-895L A1
DIR-890L A1
DIR-885L A1
DIR-880L A1
DIR-868L B1
DIR-868L C1
DIR-817L(W)
DIR-818L(W)

Impact

This function allows a buffer overflow condition in which arbitrary code may be executed.

The impact may vary depending on if the use case is local or remote.

Solution

Restrict AccessAs a general good security practice, only allow connections from trusted hosts and networks

Vendor Information (Learn More)
Vendor
Status
Date Notified
Date Updated
D-Link Systems, Inc.
Affected
07 Jul 2016
09 Aug 2016
If you are a vendor and your product is affected, let us know.
CVSS Metrics (Learn More)
Group
Score
Vector
Base
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Temporal
8.4
E:POC/RL:ND/RC:C
Environmental
6.3
CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

Credit
Thanks to Daniel Romero @daniel_rome (NCC Group) for reporting this vulnerability.
This document was written by Trent Novelly.

Other Information
CVE IDs: CVE-2016-5681
Date Public: 11 Aug 2016
Date First Published: 11 Aug 2016
Date Last Updated: 12 Aug 2016
Document Revision: 15

Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.

Leave a Reply