CVE-2016-6563

Name of the Vulnerable Software and Affected Versions D-Link DIR routers, including DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L (affected versions not specified)

Description The issue arises when processing malformed SOAP messages during the HNAP Login action, leading to a buffer overflow in the stack. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha.

Recommendations For all affected D-Link DIR router models, consider disabling the HNAP Login action until a patch is available. Restrict access to the vulnerable XML fields Action, Username, LoginPassword, and Captcha to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.