D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. An attacker can send a POST request to trigger the vulnerablilify.
The vulnerability results from improper input handling in the hnap_main function, where lack of proper data length validation leads to a stack-based buffer overflow (CWE-121). An attacker can send a specially crafted POST request to the device's HNAP interface, causing stack memory areas to be overwritten. This can result in hijacking program execution flow control and executing arbitrary code.
An unauthenticated remote attacker can gain full control of the device, including the ability to read and modify configuration, intercept network traffic, and permanently compromise the router.
Patches available from the manufacturer should be applied in accordance with the references (D-Link Security Bulletin: https://www.dlink.com/en/security-bulletin/). Until an update is applied, it is recommended to restrict access to the device's administrative interface to trusted networks only and disable remote management functionality.
D-Link Go-RT-AC750 with firmware version GORTAC750_A1_FW_v101b03
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDlink Go Rt Ac750
HWDlinka1Dlink Go Rt Ac750 Firmware
OSDlink101b03
Related vulnerabilities
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via...
Stack-based buffer overflow w D-Link Go-RT-AC750 — aktywacja usługi telnet
D-Link Go-RT-AC750: hardcoded hasło umożliwia zdalny dostęp root przez telnet
Stack overflow w D-LINK Go-RT-AC750 — funkcja sprintf w cgibin
Command injection w D-Link Go-RT-AC750 via hedwig.cgi