CVE-2018-17065

Name of the Vulnerable Software and Affected Versions D-Link DIR-816 A2 version 1.10 B05

Description The issue is related to a stack-based buffer overflow in the handler function of the "/goform/DDNS" route. This overflow can occur when a very long password is used, potentially allowing an attacker to overwrite the return address and execute arbitrary code. The vulnerability is associated with a buffer overflow in the /goform/DDNS component of the D-Link DIR-816 A2 router's firmware.

Recommendations For D-Link DIR-816 A2 version 1.10 B05, consider restricting access to the "/goform/DDNS" route until a patch is available. As a temporary workaround, avoid using very long passwords for the DDNS configuration to minimize the risk of exploitation.