D-Link DCS-5020L Stack-Based Buffer Overflow Vulnerability in websReadEvent Function

A critical stack-based buffer overflow vulnerability has been identified in the D-Link DCS-5020L camera, specifically in firmware version 1.01_B2. The issue arises in the websReadEvent function within the ptDC.cgi file, where improper handling of the Authorization header in POST requests creates a potential for remote exploitation. This vulnerability affects devices that are no longer supported by the manufacturer.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or causing the device to crash.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /rame/ptdc.cgi endpoint with a crafted Authorization header. The header must include the string 'Authorization: Digest Basic' followed by a payload that exploits the buffer overflow by including excessive data that exceeds the buffer's capacity.