CVE-2023-35746

Name of the Vulnerable Software and Affected Versions D-Link DAP-2622 (affected versions not specified)

Description The issue is related to a buffer overflow in the DDP service of the D-Link DAP-2622 wireless access point's firmware. This can be exploited by a remote attacker to execute arbitrary code. The flaw exists due to the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.