PT-2006-4553 · D Link · Di-604+6

Barnaby Jack · Published 2006-07-18 · Updated 2023-04-26 · CVE-2006-3687

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

D-Link DI-524 versions (affected versions not specified)
D-Link DI-604 versions (affected versions not specified)
D-Link DI-624 versions (affected versions not specified)
D-Link DI-784 versions (affected versions not specified)
D-Link WBR-1310 versions (affected versions not specified)
D-Link WBR-2310 versions (affected versions not specified)
D-Link EBR-2310 versions (affected versions not specified)

Description

The issue is a stack-based buffer overflow in the Universal Plug and Play (UPnP) service. It allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.

Recommendations

For D-Link DI-524, consider disabling the UPnP service until a patch is available.
For D-Link DI-604, restrict access to UDP port 1900 to minimize the risk of exploitation.
For D-Link DI-624, avoid using the M-SEARCH request in the affected UPnP service until the issue is resolved.
For D-Link DI-784, consider disabling the UPnP service until a patch is available.
For D-Link WBR-1310, restrict access to UDP port 1900 to minimize the risk of exploitation.
For D-Link WBR-2310, avoid using the M-SEARCH request in the affected UPnP service until the issue is resolved.
For D-Link EBR-2310, consider disabling the UPnP service until a patch is available.

Related Identifiers

CVE-2006-3687

Affected Products

Di-524
Di-604
Di-624
Di-784
Ebr-2310
Wbr-1310
Wbr-2310