Primary

Context

D-Link DIR-816 Stack-Based Buffer Overflow Vulnerability in Wireless Function

Vulnerability

A critical stack-based buffer overflow vulnerability has been identified in the D-Link DIR-816 router, specifically in the 1.10CNB05 firmware version. The issue arises in the 'wirelessApcli_5g' function within the '/goform/wirelessApcli_5g' file. The vulnerability can be exploited remotely, without authentication, by manipulating the 'apcli_mode_5g', 'apcli_enc_5g', and 'apcli_default_key_5g' arguments. This exploitation leads to a crash of the router, causing a denial of service.

Impact

Exploitation of this vulnerability causes the router to crash, disrupting its normal functioning and service availability.

Reproduction

To reproduce this vulnerability, send a POST request to '/goform/wirelessApcli_5g' with an excessively long value in the 'apcli_enc_5g' parameter. The router will crash as a result of the stack overflow.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DIR-816 Stack-Based Buffer Overflow Vulnerability in Wireless Function

Vulnerability

Impact

Reproduction

Affected Products

D-Link DIR-816

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating