D-Link DI-8200 Buffer Overflow Vulnerability in IPSec Function

A buffer overflow vulnerability has been identified in the D-Link DI-8200 router, specifically in version 16.07.26A1. The issue arises in the IPSec network application service function, where the 'remot_ip' parameter is processed. This vulnerability can be exploited by sending a crafted 'remot_ip' value, leading to a stack overflow.

Impact

Exploitation of this vulnerability causes a denial-of-service condition, where the device becomes unresponsive or crashes.

Reproduction

The vulnerability can be reproduced by sending a packet that includes a very long 'remot_ip' parameter. This can be done using a network packet crafting tool or script that modifies the IPsec negotiation packets to include the oversized 'remot_ip' data. Once the packet is sent, the router will process the overflowed data, leading to a stack overflow and causing the device to crash.