CVE-2018-11013

Name of the Vulnerable Software and Affected Versions D-Link DIR-816 A2 firmware version 1.10B05

Description The issue is related to a stack-based buffer overflow in the websRedirect function, which can be exploited by sending a specially crafted HTTP request with a long Host header. This allows unauthenticated remote attackers to execute arbitrary code.

Recommendations For D-Link DIR-816 A2 firmware version 1.10B05, consider restricting access to the websRedirect function until a patch is available. As a temporary workaround, avoid using the Host header in HTTP requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.