PT-2013-5932 · D Link · D-Link Dir-100
Published
2013-10-19
·
Updated
2023-04-26
·
CVE-2013-6027
CVSS v2.0
8.5
High
| Vector | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-100 routers (affected versions not specified)
Description
A stack-based buffer overflow issue exists in the RuntimeDiagnosticPing function, located in /bin/webs on D-Link DIR-100 routers. This could potentially allow remote authenticated administrators to execute arbitrary commands. The issue is triggered by a long
set/runtime/diagnostic/pingIp parameter sent to the "Tools/tools misc.xgi" endpoint.Recommendations
For D-Link DIR-100 routers, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D-Link Dir-100