D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings.
The vulnerability results from improper handling of the curTime parameter in the formLanSetupRouterSettings function — lack of proper validation of input data length (CWE-120, classic buffer overflow). An attacker can send specially crafted network request to the device containing an excessively long value of the curTime parameter, causing a buffer overflow in memory. Due to the network vector (AV:N), lack of authentication requirement (PR:N), and lack of user interaction (UI:N), the attack can be conducted remotely without any additional prerequisites.
Successful exploitation of the vulnerability may allow an attacker to remotely execute arbitrary code (RCE) on the device, and consequently to gain full control over the router, compromising the confidentiality, integrity, and availability of the network.
Apply patches available from the manufacturer according to the references. If an update is not available, it is recommended to restrict access to the device's administrative interface exclusively to trusted hosts on the local network and to disable remote management via WAN. Consider replacing the device with one actively supported by the manufacturer.
D-Link DIR-600L Ax with firmware version 116WWb01
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDlink Dir 600l
HWDlinka1Dlink Dir 600l Firmware
OSDlink1.16wwb01
Related vulnerabilities
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInt...
Hardcoded backdoor telnet w D-Link DIR-600L — nieautoryzowany dostęp root
D-Link DIR-600L A1: hardcoded backdoor telnet z dostępem root
Buffer overflow w D-Link DIR-600L — podatność krytyczna RCE
Buffer overflow w D-Link DIR600L – parametr curTime w formSetEnableWizard