CVE-2018-10996

Name of the Vulnerable Software and Affected Versions D-Link DIR-629-B1 (affected versions not specified)

Description The issue is caused by a buffer overflow in the weblogin log function. This can be exploited by a remote attacker using a specially crafted request to the session.cgi?ACTION=logout endpoint, which includes a long value for the REMOTE ADDR environment variable. Successful exploitation may allow the attacker to execute arbitrary code or cause a denial of service.

Recommendations As a temporary workaround, consider disabling the weblogin log function until a patch is available. Restrict access to the session.cgi endpoint to minimize the risk of exploitation. Avoid using long values for the REMOTE ADDR environment variable in the affected endpoint until the issue is resolved.