CVE-2021-33271

Name of the Vulnerable Software and Affected Versions D-Link DIR-809 devices with firmware through DIR-809Ax FW1.12WWB03 20190410

Description A stack buffer overflow issue was found in the sub 80046EB4 function in the /formSetPortTr endpoint. This issue can be triggered via a crafted POST request, potentially allowing a remote attacker to execute arbitrary code in the system.

Recommendations For D-Link DIR-809 devices with firmware through DIR-809Ax FW1.12WWB03 20190410, consider disabling the sub 80046EB4 function in the /formSetPortTr endpoint as a temporary workaround until a patch is available. Restrict access to the /formSetPortTr endpoint to minimize the risk of exploitation. Avoid using crafted POST requests to the /formSetPortTr endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.