CVE-2023-41230

Name of the Vulnerable Software and Affected Versions D-Link DIR-3040 (affected versions not specified)

Description The issue is related to a stack-based buffer overflow in the prog.cgi component of the D-Link DIR-3040 wireless router's firmware. This occurs when handling HNAP requests on TCP ports 80 and 443. An attacker can exploit this by sending specially crafted HNAP requests, potentially allowing remote code execution without requiring authentication. The flaw exists due to the lack of proper validation of user-supplied strings before copying them to a fixed-size stack-based buffer, enabling an attacker to execute code in the context of root.

Recommendations As a temporary workaround, consider disabling the prog.cgi binary until a patch is available. Restrict access to the TCP ports 80 and 443 to minimize the risk of exploitation. Avoid using the vulnerable prog.cgi component in the affected D-Link DIR-3040 routers until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.