PT-2019-6347 · D Link · D-Link Dir-878

Published: 2019-02-25 · Updated: 2023-04-26 · CVE-2019-9125

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: D-Link DIR-878 version 1.12B01

Description: The issue is related to the misuse of the strncpy function, leading to a stack-based buffer overflow. This can be exploited remotely without authentication via the HNAP AUTH HTTP header, potentially affecting the confidentiality, integrity, and availability of protected information.

Recommendations: For D-Link DIR-878 version 1.12B01, consider restricting access to the HNAP AUTH HTTP header until a patch is available. As a temporary workaround, avoid using the strncpy function in sensitive areas of the code until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Authentication

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2023-02833
CVE-2019-9125

Affected Products

D-Link Dir-878