CVE-2021-27114

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05

Description: An issue was discovered that could lead to a Stack-Based Buffer Overflow. This occurs when a very long text entry is made for the s ip and s mac fields within the handler function of the "/goform/addassignment" route, potentially allowing the return address to be overwritten.

Recommendations: For D-Link DIR-816 A2 version 1.10 B05, as a temporary workaround, consider restricting access to the "/goform/addassignment" route until a patch is available. Avoid using very long text entries for the s ip and s mac fields in this route to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.