CVE-2021-33265

Name of the Vulnerable Software and Affected Versions D-Link DIR-809 devices with firmware through DIR-809Ax FW1.12WWB03 20190410

Description The issue is related to a stack buffer overflow vulnerability in the function FUN 80046eb4 in the /formSetPortTr endpoint. This vulnerability can be triggered via a crafted POST request, potentially allowing a remote attacker to execute arbitrary code in the system.

Recommendations For D-Link DIR-809 devices with firmware through DIR-809Ax FW1.12WWB03 20190410, consider disabling the FUN 80046eb4 function in the /formSetPortTr endpoint as a temporary workaround until a patch is available. Restrict access to the /formSetPortTr endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.