Xsz

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow vulnerability in the D-Link N300 WI-FI Router DIR-605L, which can be exploited via the `webpage` parameter at the "/goform/formWlanGuestSetup" endpoint. This can allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For version 2.13B01, as a temporary workaround, consider disabling access to the "/goform/formWlanGuestSetup" endpoint until a patch is available. Restrict the use of the `webpage` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow via the `wan connected` parameter at the "/goform/formEasySetupWizard3" endpoint. This can potentially allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, as a temporary workaround, consider disabling access to the "/goform/formEasySetupWizard3" endpoint until a patch is available. Restrict the use of the `wan connected` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow in the /goform/formSetACLFilter component, which can be triggered via the `curTime` parameter. This can potentially allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, as a temporary workaround, consider restricting access to the /goform/formSetACLFilter endpoint or avoiding the use of the `curTime` parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow vulnerability in the /goform/formSchedule component of the D-Link N300 WI-FI Router DIR-605L, which can be exploited via the `curTime` parameter. This can allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For version 2.13B01, consider disabling access to the /goform/formSchedule endpoint until a patch is available. As a temporary workaround, avoid using the `curTime` parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow in the D-Link N300 WI-FI Router DIR-605L, which can be triggered via the `config.smtp email subject` parameter at the "/goform/formSetEmail" endpoint. This can potentially allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, consider disabling the `/goform/formSetEmail` endpoint or restricting access to the `config.smtp email subject` parameter until a patch is available. Avoid using the `config.smtp email subject` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow in the D-Link N300 WI-FI Router DIR-605L, which can be triggered via the `curTime` parameter at the "/goform/formSetRoute" API endpoint. This can potentially allow a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, consider disabling access to the "/goform/formSetRoute" API endpoint or restricting the use of the `curTime` parameter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow vulnerability via the `curTime` parameter at the "/goform/formSetWanDhcpplus" API endpoint. This vulnerability can be exploited by a remote attacker to cause a denial of service or execute arbitrary code. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, as a temporary workaround, consider disabling access to the "/goform/formSetWanDhcpplus" API endpoint until a patch is available. Additionally, restrict the use of the `curTime` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is caused by a stack overflow via the webpage parameter at "/goform/formWPS". This can allow a remote attacker to execute arbitrary code. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, consider disabling access to the "/goform/formWPS" endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** A stack overflow issue was discovered in the D-Link N300 WI-FI Router DIR-605L, related to the webpage parameter at "/goform/formSetWanDhcpplus". This issue is associated with a buffer overflow in memory, which can be exploited by a remote attacker to execute arbitrary code. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, consider disabling access to the "/goform/formSetWanDhcpplus" webpage parameter as a temporary workaround until a patch is available. Restrict access to this parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** D-Link N300 WI-FI Router DIR-605L version 2.13B01 **Description** The issue is related to a stack overflow that occurs when handling the `FILECODE` parameter at the "/goform/formLogin" API endpoint. This can potentially allow a remote attacker to execute arbitrary code or cause a denial of service. The vulnerability is also associated with the processing of a binary file in the bin directory. **Recommendations** For D-Link N300 WI-FI Router DIR-605L version 2.13B01, as a temporary workaround, consider restricting access to the "/goform/formLogin" API endpoint to minimize the risk of exploitation. Avoid using the `FILECODE` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.