B1Nn

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions up to 2.07B01 **Description** A critical issue has been found in the function `formEasySetupWizard3`, where the manipulation of the `host` argument leads to a buffer overflow. This issue can be exploited remotely. It affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-600L versions up to 2.07B01, as a temporary workaround, consider disabling the `formEasySetupWizard3` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions 2.07B01 and earlier **Description** A critical issue has been identified that affects the `formEasySetupWizard` function. The manipulation of the `host` argument leads to a buffer overflow. This issue can be exploited remotely. It is noted that this issue only affects products that are no longer supported by the manufacturer. **Recommendations** For D-Link DIR-600L versions 2.07B01 and earlier, as a temporary workaround, consider disabling the `formEasySetupWizard` function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the `host` argument in the affected setup wizard until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions up to 2.07B01 **Description** A critical issue was found in the formLogin function, where manipulation of the `host` argument leads to a buffer overflow. This can be initiated remotely. The issue only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-600L versions up to 2.07B01, as a temporary workaround, consider disabling the formLogin function until a patch is available. Restrict access to the formLogin function to minimize the risk of exploitation. Avoid using the `host` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions up to 2.07B01 **Description** A critical issue affects the `formSetLog` function. The manipulation of the `host` argument leads to buffer overflow. The attack may be initiated remotely. This issue only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-600L versions up to 2.07B01, as a temporary workaround, consider disabling the `formSetLog` function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the `host` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions 2.07B01 and earlier **Description** A critical issue has been identified, affecting the function `formSetWAN Wizard534`. The manipulation of the argument `host` leads to a buffer overflow, allowing for remote attack execution. This issue only affects products that are no longer supported by the manufacturer. **Recommendations** For D-Link DIR-600L versions 2.07B01 and earlier, as a temporary workaround, consider disabling the `formSetWAN Wizard534` function until a patch is available. Restrict access to the affected function to minimize the risk of exploitation. Avoid using the `host` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions up to 2.07B01 **Description** A critical vulnerability was found in the D-Link DIR-600L, affecting the function `formWlSiteSurvey`. The manipulation of the argument `host` leads to a buffer overflow. This issue can be exploited remotely and only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-600L versions up to 2.07B01, as a temporary workaround, consider disabling the `formWlSiteSurvey` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions up to 2.07B01 **Description** A critical issue affects the function `formSetWanL2TP`. The manipulation of the `host` argument leads to a buffer overflow, allowing remote attacks. This issue only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-600L versions up to 2.07B01, as a temporary workaround, consider disabling the `formSetWanL2TP` function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the `host` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions up to 2.07B01 **Description** A critical vulnerability has been found in the D-Link DIR-600L, affecting the `formSysCmd` function. The manipulation of the `host` argument leads to command injection. This issue can be exploited remotely and only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-600L versions up to 2.07B01, as a temporary workaround, consider disabling the `formSysCmd` function until a patch is available. Restrict access to the `host` argument in the `formSysCmd` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-600L versions up to 2.07B01 **Description** A critical vulnerability was found in the `wake on lan` function, allowing for command injection through the manipulation of the `host` argument. This issue can be exploited remotely and only affects products that are no longer supported by the maintainer. **Recommendations** For D-Link DIR-600L versions up to 2.07B01, as a temporary workaround, consider disabling the `wake on lan` function until a patch is available. Restrict access to the `wake on lan` functionality to minimize the risk of exploitation. Avoid using the `host` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.