CVE-2023-50211

Name of the Vulnerable Software and Affected Versions D-Link G416 (affected versions not specified)

Description The issue is related to a stack-based buffer overflow in the httpd API-AUTH Timestamp Processing function of the D-Link G416 router's HTTP microprogram. This can be exploited by a remote attacker to execute arbitrary code. The flaw exists within the HTTP service listening on TCP port 80, due to the lack of proper validation of user-supplied data length before copying it to a fixed-length stack-based buffer. An attacker can leverage this to execute code in the context of root. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.