PT-2020-5303 · D-Link · D-Link Dsl-2640B

Cristofaro Mune · Published 2020-03-30 · Updated 2020-04-28 · CVE-2020-9276

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

D-Link DSL-2640B versions prior to the fixed version

Description

The issue is caused by a stack-based buffer overflow in the do_cgi() function, which processes CGI requests supplied to the device's web server. This can be exploited remotely, allowing an attacker to impact the confidentiality, integrity, and availability of protected information. Unauthenticated exploitation is possible.

Recommendations

For D-Link DSL-2640B versions prior to the fixed version, update to a version that includes a fix for the buffer overflow vulnerability in the do_cgi() function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2021-00065
CVE-2020-9276

Affected Products

D-Link Dsl-2640B