CVE-2012-10021

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L versions 1.12 through 1.13

Description A stack-based buffer overflow exists in the getAuthCode() function when processing CAPTCHA data. Exploitation may allow a remote attacker to execute arbitrary code with root privileges. The issue is due to the unsafe use of sprintf() when processing user-supplied data via the FILECODE parameter.

Recommendations D-Link DIR-605L version 1.12: At the moment, there is no information about a newer version that contains a fix for this vulnerability. D-Link DIR-605L version 1.13: At the moment, there is no information about a newer version that contains a fix for this vulnerability.