D-Link DI-8100 Stack-Based Buffer Overflow Vulnerability

A critical stack-based buffer overflow vulnerability has been identified in the D-Link DI-8100 router, specifically in the HTTP request handler component within the file '/menu_nat.asp'. This vulnerability arises from the manipulation of the 'out_addr', 'in_addr', 'out_port', and 'proto' arguments, allowing remote attackers to send specially crafted HTTP requests that exploit this flaw. The vulnerability was disclosed publicly and is available for exploitation.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or causing a denial-of-service condition on the device.

Reproduction

The vulnerability can be reproduced by sending HTTP requests to the '/menu_nat.asp' endpoint with crafted 'out_addr', 'in_addr', 'out_port', and 'proto' parameters. This can be done using a variety of tools that allow for HTTP request manipulation, such as curl or Postman. Additionally, vulnerable devices can be identified using a Google dork that searches for 'inurl:menu_nat.asp'.