Vulnerability Note VU#677427
D-Link routers HNAP service contains stack-based buffer overflow
Original Release date: 07 Nov 2016 | Last revised: 10 Nov 2016
D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action.
CWE-121: Stack-based Buffer Overflow – CVE-2016-6563
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack.
The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha.
CVE-2016-6563 appears to affect:
A remote, unauthenticated attacker may be able to execute arbitrary code with root privileges.
Apply an update
D-Link has released firmware updates to address the vulnerabilities in affected routers. Please see their announcement.
If you are unable to update your device, please see the following workarounds:
As a general good security practice, only allow connections from trusted hosts and networks.
Additionally, you may wish to disable remote administration of the router.
Vendor Information (Learn More)
VendorStatusDate NotifiedDate UpdatedD-Link Systems, Inc.Affected12 Sep 201627 Oct 2016If you are a vendor and your product is affected, let
CVSS Metrics (Learn More)
Thanks to Pedro Ribeiro (firstname.lastname@example.org) of Agile Information Security for reporting this vulnerability.
This document was written by Trent Novelly.
07 Nov 2016
Date First Published:
07 Nov 2016
Date Last Updated:
10 Nov 2016
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email.