D-Link DI-8100 Stack-Based Buffer Overflow Vulnerability

A stack-based buffer overflow vulnerability has been identified in the D-Link DI-8100 router, specifically in version 1.0. The issue arises in the jhttpd component, within the ddns.asp file when the opt=add parameter is used. The vulnerability is triggered by manipulating the mx argument, which is processed by the sprintf function without proper input validation. This oversight allows for remote exploitation, where an attacker can send crafted HTTP requests to overflow a stack buffer, potentially overwriting the return address and leading to a denial-of-service condition or, more critically, remote code execution.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a denial-of-service condition. However, it could also be leveraged for remote code execution if the attacker can control the overwritten return address and inject a malicious payload or return-oriented programming chain.