PT-2021-21628 · D-Link · D-Link Dir-615

Published 2021-08-06 · Updated 2021-08-13 · CVE-2021-37388

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

D-Link DIR-615 C2 version 3.03WW

Description

A buffer overflow issue exists, allowing an attacker to potentially crash the webserver and gain remote code execution by exploiting the ping_ipaddr parameter in the "ping_response.cgi" POST request.

Recommendations

For D-Link DIR-615 C2 version 3.03WW, as a temporary workaround, consider restricting access to the "ping_response.cgi" endpoint until a patch is available. Avoid using the ping_ipaddr parameter in the affected POST request to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2021-37388

Affected Products

D-Link Dir-615