D-Link DIR routers found with buffer overflow flaw

The Home Network Administration Protocol (HNAP) service on D-Link DIR model routers contains a stack-based buffer overflow that has not been patched by the manufacturer.

The flaw, listed under CVE-2016-6563 and spotted by Pedro Ribeiro of Agile Information Security, can allow a remote, unauthenticated attacker to execute arbitrary code with root privileges. The stack buffer overflow occurs when the router processes malformed Simple Object Access Protocol (SOAP) messages while performing the HNAP login function.

“The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha,” wrote Trent Novelly on the Carnegie Mellon University Vulnerability Notes Database.

There is no solution available yet from D-Link, but Novelly suggested disabling remote administration of the router as a possible solution.
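
A defensive length check for the four fields named above, as an added example that is not from the article, the Vulnerability Notes Database or D-Link: it could run in a proxy or log-review script in front of the router's HNAP interface. The 128-character limit, the function names and the sample request body are assumptions constructed for illustration.

```python
import re

# Fields the vulnerability note quoted above names as vulnerable in the Login body.
HNAP_LOGIN_FIELDS = ("Action", "Username", "LoginPassword", "Captcha")

# Assumption: upper bound for legitimate values. The page gives no buffer
# sizes, so tune this to what your own clients actually send.
MAX_FIELD_LEN = 128


def field_lengths(body):
    """Return {field: value length} for each login field present in body.

    Regex extraction is deliberate: a malformed message may not parse as XML,
    and an unterminated element is measured to the end of the body so it
    cannot slip past the length check.
    """
    lengths = {}
    for name in HNAP_LOGIN_FIELDS:
        opening = re.search(r"<(?:[\w.-]+:)?%s(?:\s[^>]*)?>" % name, body)
        if opening is None:
            continue
        if opening.group().endswith("/>"):  # self-closing element, empty value
            lengths[name] = 0
            continue
        rest = body[opening.end():]
        closing = re.search(r"</(?:[\w.-]+:)?%s\s*>" % name, rest)
        lengths[name] = len(rest[:closing.start()] if closing else rest)
    return lengths


def oversized_fields(body, limit=MAX_FIELD_LEN):
    """Names of login fields whose value exceeds limit, in the order above."""
    lengths = field_lengths(body)
    return [f for f in HNAP_LOGIN_FIELDS if lengths.get(f, 0) > limit]


def build_login(username, password="x"):
    """Constructed sample request body for exercising the check (not captured traffic)."""
    return (
        '<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
        '<soap:Body><Login xmlns="http://purenetworks.com/HNAP1/">'
        "<Action>request</Action><Username>%s</Username>"
        "<LoginPassword>%s</LoginPassword><Captcha></Captcha>"
        "</Login></soap:Body></soap:Envelope>" % (username, password)
    )
```

A request for which `oversized_fields` returns a non-empty list is one to drop or alert on before it reaches the router.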

Source: https://www.scmagazine.com/