PT-2024-2145 · D Link · D-Link Dir-822-Ca+1
Eng De Sheng
+1
·
Published
2024-03-11
·
Updated
2024-08-05
·
CVE-2024-25331
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
D-Link DIR-822 versions 2.02KRB09 through 2.03WWb01
D-Link DIR-822-CA versions 2.02KRB09 through 2.03WWb01
Description
The issue is related to a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow. This vulnerability can be exploited by unauthenticated attackers to gain arbitrary remote code execution on the vulnerable router.
Recommendations
For D-Link DIR-822 versions 2.02KRB09 through 2.03WWb01: Replace the router immediately.
For D-Link DIR-822-CA versions 2.02KRB09 through 2.03WWb01: Replace the router immediately.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
D-Link Dir-822
D-Link Dir-822-Ca