D-Link DIR-632 Stack-Based Buffer Overflow Vulnerability in HTTP POST Request Handler
Vulnerability
A critical stack-based buffer overflow vulnerability has been identified in the D-Link DIR-632 router, in firmware version FW103B08. The issue is in the 'get_pure_content' function of the HTTP POST request handler, which does not properly validate the 'Content-Length' argument. The vulnerability can be exploited remotely by sending a specially crafted POST request, and it affects devices that are no longer supported by the manufacturer.
Impact
Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or a device crash.
Reproduction
The vulnerability can be reproduced by sending a POST request to the router with a crafted 'Content-Length' header. If the 'Content-Length' is set to a negative value, it will be interpreted as a large unsigned integer, causing an overflow when the data is read. This overflow can then be exploited to execute arbitrary code.
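The signed-to-unsigned conversion described above, next to a strict 'Content-Length' parser that rejects such values, as an added example that is not the firmware's code. The function names, the weak check and the 1024-byte buffer size are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define BODY_BUF_SIZE 1024 /* assumed size of the fixed stack buffer */

/* What a read routine sees when a signed length reaches its size_t
 * parameter: -1 becomes SIZE_MAX. */
size_t as_read_size(int content_length) {
    return (size_t)content_length;
}

/* Hypothetical weak check: signed upper bound only, so any negative
 * value is accepted. */
int naive_length_ok(const char *hdr) {
    int n = atoi(hdr);
    return n < BODY_BUF_SIZE;
}

/* Hardened parse: digits only, no sign or whitespace, no overflow,
 * and never more than the destination buffer holds.
 * Returns 0 and stores the length on success, -1 on rejection. */
int parse_content_length(const char *hdr, size_t *out) {
    char *end;
    unsigned long v;

    if (hdr == NULL || out == NULL || *hdr < '0' || *hdr > '9')
        return -1; /* strtoul alone would accept "-1" and " 5" */
    errno = 0;
    v = strtoul(hdr, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1; /* out of range or trailing garbage */
    if (v > BODY_BUF_SIZE)
        return -1; /* body would not fit */
    *out = (size_t)v;
    return 0;
}

int main(void) {
    const char *samples[] = {"512", "-1", "4096", "12abc"}; /* constructed */
    size_t n, i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int ok = parse_content_length(samples[i], &n);
        printf("%-6s naive=%d hardened=%s\n", samples[i],
               naive_length_ok(samples[i]), ok == 0 ? "accept" : "reject");
    }
    printf("(size_t)-1 = %zu\n", as_read_size(-1));
    return 0;
}
```

A caller is expected to strip optional whitespace around the header value before passing it to the parser, since leading spaces are rejected here.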
