CVE-2023-51615

Name of the Vulnerable Software and Affected Versions D-Link DIR-X3260 (affected versions not specified)

Description The issue is related to a buffer overflow vulnerability in the prog.cgi component of D-Link DIR-X3260 Wi-Fi routers, allowing remote attackers to execute arbitrary code. The vulnerability exists due to the lack of proper validation of a user-supplied string before copying it to a fixed-length stack-based buffer. This can be exploited by network-adjacent attackers who have authentication credentials. The vulnerability is associated with the SetQuickVPNSettings PSK function and can allow code execution in the context of root.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.