LAN-Side Unauthenticated Remote Code Execution (RCE) in D-Link DIR-822 routers due to Stack-Based Buffer Overflow in HNAP

Updated on 6 February 2024

CVE NUMBER

TBC

SUMMARY

An unauthenticated attacker can gain Remote Code Execution in the D-Link DIR-822 router due to a stack-based buffer overflow vulnerability in the HNAP service. 

CVSSV3 SCORE

TBC

CWE

CWE-787: Out-of-bounds Write 

CWE-121: Stack-based Buffer Overflow 

DETAILS

A stack-based buffer overflow vulnerability was discovered in the HNAP (Home Network Administration Protocol) service on D-Link DIR-822 routers. This vulnerability can be exploited by unauthenticated attackers to gain arbitrary remote code execution on the vulnerable router.

RESOLUTION

The latest firmware version (v2.03B01) released for DIR-822-CA (Rev.B) on 27 October 2023 is still vulnerable to exploitation. Firmware development for DIR-822 (Rev. A and Rev.B models) has ceased and these devices will no longer be supported. D-Link US recommends that D-Link devices that have reached EOL/EOS be retired and replaced.

  • 10 January 2024 – Initial contact with D-Link

  • 16 January 2024 – Vulnerability Disclosure 

  • 31 January 2024 – Public Support Announcement by D-Link for DIR-822 

CREDIT

Ensign InfoSecurity Labs Quynh Le, Eng De Sheng 

Copyright © 2024 Ensign InfoSecurity Pte. Ltd.