In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow.
The sprintf function in the sub_40E700 procedure of the cgibin interface does not perform adequate verification of the size of data written to the stack. An attacker can provide specially crafted input data that exceeds the allocated stack buffer, overwriting adjacent memory areas. Due to the network vector (AV:N) and lack of authentication requirements (PR:N) and user interaction (UI:N), the exploit can be carried out remotely over the network.
Successful exploitation of the vulnerability may allow an attacker to gain full control of the device, including arbitrary code execution (RCE), reading and modifying configuration data, and permanently compromising the router's availability.
Apply patches available from the manufacturer according to the references — detailed information about updates is published in the D-LINK security bulletin at https://www.dlink.com/en/security-bulletin/. Until updates are implemented, it is recommended to restrict access to the device management interface only to trusted IP addresses and disable remote access to the administrative panel.
D-LINK Go-RT-AC750 firmware version v101b03
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDlink Go Rt Ac750
HWDlinkwszystkie wersjeDlink Go Rt Ac750 Firmware
OSDlink101b03
Related vulnerabilities
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via...
Stack-based buffer overflow w D-Link Go-RT-AC750 via funkcja hnap_main
Stack-based buffer overflow w D-Link Go-RT-AC750 — aktywacja usługi telnet
D-Link Go-RT-AC750: hardcoded hasło umożliwia zdalny dostęp root przez telnet
Command injection w D-Link Go-RT-AC750 via hedwig.cgi