PT-2022-23830 · D Link · D-Link Dir-816

Published: 2022-08-22 · Updated: 2023-08-08 · CVE-2022-37134

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

D-Link DIR-816 version A2 v1.10CNB04.img

Description

The issue is a buffer overflow reachable via the /goform/form2Wan.cgi endpoint. When wantype is 3, the l2tp usrname value is base64-decoded and the result is stored in v94. The size of l2tp usrname is not checked before decoding, resulting in a stack overflow.

Recommendations

For D-Link DIR-816 version A2 v1.10CNB04.img, as a temporary workaround, consider restricting access to the /goform/form2Wan.cgi endpoint until a patch is available. Additionally, avoid using the l2tp usrname variable in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2022-37134

Affected Products

D-Link Dir-816