CVE-2018-10748

Name of the Vulnerable Software and Affected Versions D-Link DSL-3782 versions 1.01

Description The issue is related to a buffer overflow in the /userfs/bin/tcapi binary of the Diagnostics component in the D-Link DSL-3782 router's firmware. This can be exploited by passing a long buffer as the show parameter to the /userfs/bin/tcapi binary using the show <node name> function, allowing an authenticated user to cause memory corruption and potentially execute arbitrary code.

Recommendations For version 1.01, consider restricting access to the /userfs/bin/tcapi binary until a patch is available. As a temporary workaround, avoid using the show parameter with long buffers in the show <node name> function to minimize the risk of exploitation.