CVE-2023-39750

Name of the Vulnerable Software and Affected Versions D-Link DAP-2660 version 1.13

Description The issue is related to a buffer overflow error in the f ipv6 enable parameter at the /bsc ipv6 endpoint. This can be exploited via a crafted POST request to the /bsc ipv6 endpoint, potentially allowing a remote attacker to gain unauthorized access to protected information or cause a denial of service.

Recommendations For D-Link DAP-2660 version 1.13, as a temporary workaround, consider disabling the f ipv6 enable parameter at the /bsc ipv6 endpoint until a patch is available. Restrict access to the /bsc ipv6 endpoint to minimize the risk of exploitation. Avoid using the f ipv6 enable parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.