D-Link DIR-645
cpe:2.3:h:d-link:dir-645:*:*:*:*:*:*:*
- <= 1.03
A stack-based buffer overflow vulnerability has been identified in the D-Link DIR-645 router, specifically in firmware versions 1.01, 1.02, and 1.03. The issue resides in the `hedwigcgi_main` function of the `/cgi-bin/hedwig.cgi` file. This vulnerability allows for remote code execution by overwriting the return address on the stack and hijacking the program's execution flow.
Exploitation of this vulnerability leads to remote code execution on the affected device.
The vulnerability can be reproduced by sending a crafted HTTP request that includes an excessively long user session identifier. This can be done using a tool like `curl` or through a custom script that automates the process. The key is to overwrite the stack buffer in such a way that the return address is manipulated to point to a location containing malicious payloads.
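For detection, the request shape described above (a request to `/cgi-bin/hedwig.cgi` carrying an abnormally long session identifier) can be flagged at a proxy or in captured traffic. The following is an added example, not code from the advisory or from D-Link. The advisory does not say which field carries the identifier or how large the buffer is, so the sketch checks every header and cookie value; the 128-byte ceiling, the cookie name `sid` and the sample requests are assumptions.

```python
import posixpath
from urllib.parse import unquote, urlsplit

TARGET_PATH = "/cgi-bin/hedwig.cgi"  # CGI path named in the advisory
MAX_VALUE_LEN = 128                  # assumed ceiling; tune to legitimate traffic

def oversized_fields(raw_request: str, limit: int = MAX_VALUE_LEN):
    """Return [(field, length)] for header or cookie values longer than `limit`
    in a request aimed at TARGET_PATH; [] for malformed or unrelated requests."""
    lines = raw_request.split("\r\n\r\n", 1)[0].split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        return []
    # Decode and normalise so /cgi-bin/./%68edwig.cgi still matches.
    path = posixpath.normpath(unquote(urlsplit(parts[1]).path))
    if path != TARGET_PATH:
        return []
    findings = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            continue
        name, value = name.strip().lower(), value.strip()
        if name == "cookie":
            for pair in value.split(";"):
                key, _, val = pair.strip().partition("=")
                if len(val) > limit:
                    findings.append((f"cookie:{key}", len(val)))
        elif len(value) > limit:
            findings.append((name, len(value)))
    return findings

# Constructed sample requests (not captured traffic); "sid" is a placeholder name.
BENIGN = ("POST /cgi-bin/hedwig.cgi HTTP/1.1\r\nHost: 192.0.2.1\r\n"
          "Cookie: sid=a1b2c3d4e5\r\n\r\n")
SUSPECT = ("POST /cgi-bin/hedwig.cgi HTTP/1.1\r\nHost: 192.0.2.1\r\n"
           "Cookie: sid=" + "A" * 2000 + "\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, oversized_fields(req))
```

A hit is a reason to inspect the request, not proof of exploitation; set the ceiling from the longest value the device's own web interface legitimately sends.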