CVE-2021-33270

Name of the Vulnerable Software and Affected Versions D-Link DIR-809 devices with firmware through DIR-809Ax FW1.12WWB03 20190410

Description A stack buffer overflow issue exists in the FUN 800462c4 function, located in the /formAdvFirewall endpoint. This issue can be triggered via a crafted POST request, potentially allowing a remote attacker to execute arbitrary code in the system.

Recommendations For D-Link DIR-809 devices with firmware through DIR-809Ax FW1.12WWB03 20190410, as a temporary workaround, consider disabling the FUN 800462c4 function in the /formAdvFirewall endpoint until a patch is available. Restrict access to the /formAdvFirewall endpoint to minimize the risk of exploitation. Avoid using the vulnerable function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.