D-Link DCS-932L Stack-Based Buffer Overflow Vulnerability

Vulnerability

A critical stack-based buffer overflow vulnerability has been identified in the D-Link DCS-932L camera, specifically in version 2.18.01. The flaw is in the 'setSystemEmail' function within the '/setSystemEmail' file and is triggered by manipulating the 'EmailSMTPPortNumber' parameter. Remote attackers can use it to overflow the stack, potentially leading to arbitrary code execution. The camera model is no longer supported by the manufacturer.

Impact

Exploitation of this vulnerability causes the device to crash, disrupting its normal service and functionality.

Reproduction

To reproduce this vulnerability, send a POST request to the '/setSystemEmail' endpoint with an excessively long 'EmailSMTPPortNumber' value. The input is not validated, so it triggers the stack-based buffer overflow. After the overflow is initiated, visit the '/setSystemNetwork' endpoint to confirm the exploitation: the camera crashes and fails to provide services correctly.
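Since the model is no longer supported, the practical control is to check requests before they reach the camera, for example in a reverse proxy or over request logs. The following is an added example, not code from the advisory or from D-Link. It assumes a form-urlencoded POST body and that a legitimate value is a decimal TCP port; the function names and sample requests are constructed for illustration.

```python
from urllib.parse import parse_qs

ENDPOINT = "/setSystemEmail"      # endpoint named in the advisory
PARAM = "EmailSMTPPortNumber"     # parameter named in the advisory
MAX_PORT_DIGITS = 5               # 65535 is the largest TCP port


def check_request(method, path, body):
    """Return findings for one HTTP request; an empty list means nothing flagged."""
    if method.upper() != "POST" or path.split("?", 1)[0] != ENDPOINT:
        return []
    findings = []
    # Assumption: the body is application/x-www-form-urlencoded.
    # parse_qs percent-decodes values and keeps duplicates, so every copy is checked.
    for value in parse_qs(body, keep_blank_values=True).get(PARAM, []):
        if value == "":
            continue  # assumption: a blank port means "not configured"
        if len(value) > MAX_PORT_DIGITS:
            findings.append(f"{PARAM}: length {len(value)} exceeds {MAX_PORT_DIGITS}")
        elif not (value.isascii() and value.isdigit()) or not 1 <= int(value) <= 65535:
            findings.append(f"{PARAM}: not a valid TCP port: {value!r}")
    return findings


# Constructed sample requests (method, path, body); not captured traffic.
SAMPLE_REQUESTS = [
    ("POST", "/setSystemEmail", "EmailSMTPPortNumber=587"),
    ("POST", "/setSystemEmail", "EmailSMTPPortNumber=" + "9" * 300),
    ("POST", "/setSystemEmail", "EmailSMTPPortNumber=25%3Bx"),
    ("GET", "/setSystemNetwork", ""),
]


def flagged_indexes(requests):
    """Indexes of the requests that produced at least one finding."""
    return [i for i, req in enumerate(requests) if check_request(*req)]


if __name__ == "__main__":
    for i in flagged_indexes(SAMPLE_REQUESTS):
        method, path, body = SAMPLE_REQUESTS[i]
        print(i, method, path, check_request(method, path, body))
```

A proxy would reject any request for which `check_request` returns findings; a log pipeline would raise an alert instead.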

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 7.5
exploitability: 6.2
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.