D Link · D-Link Dap-2310 · CVE-2024-45623
**Name of the Vulnerable Software and Affected Versions**
D-Link DAP-2310 Hardware A Firmware 1.16RC028
**Description**
The issue is related to a stack-based buffer overflow in the ATP binary that handles PHP HTTP GET requests for the Apache HTTP Server. This allows remote attackers to execute arbitrary code. The vulnerability only affects products that are no longer supported by the maintainer.
**Recommendations**
For D-Link DAP-2310 Hardware A Firmware 1.16RC028, consider isolating vulnerable devices on separate VLANs and plan to decommission them as soon as possible.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.