Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dlink dir-823_firmware - |
||
dlink dir-822_firmware - |
||
dlink dir-818l\\(w\\)_firmware - |
||
dlink dir-895l_firmware - |
||
dlink dir-890l_firmware - |
||
dlink dir-885l_firmware - |
||
dlink dir-880l_firmware - |
||
dlink dir-868l_firmware - |
||
dlink dir-850l_firmware - |