0Xcc12138

**Name of the Vulnerable Software and Affected Versions** D-Link DCS-935L versions prior to 1.10.01 **Description** A remote buffer overflow exists in the HNAP Service component within the '/web/cgi-bin/hnap/hnap service' file. The issue occurs during the processing of the `SetDeviceSettings()` function when the `AdminPassword` argument is manipulated. This flaw allows attackers to execute arbitrary code remotely. **Recommendations** Update to a version later than 1.10.01. As a temporary workaround, disable the HNAP Service to minimize the risk of exploitation.