CVE-2024-27655

Name of the Vulnerable Software and Affected Versions D-Link DIR-823G version A1V1.0.2B05

Description The issue is related to a buffer overflow via the SOAPACTION parameter, allowing attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. This is associated with the sub 41D354() function in the D-Link DIR-823G router's firmware.

Recommendations For D-Link DIR-823G version A1V1.0.2B05, as a temporary workaround, consider disabling the sub 41D354() function until a patch is available. Restrict access to the SOAPACTION parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.