
D-Link DIR routers found with buffer overflow flaw

The Home Network Administration Protocol (HNAP) service in D-Link DIR model routers contains a stack-based buffer overflow that has not been patched by the manufacturer.

The flaw, listed as CVE-2016-6563 and spotted by Pedro Ribeiro of Agile Information Security, can allow a remote, unauthenticated attacker to execute arbitrary code with root privileges. The stack buffer overflow occurs when the router processes malformed Simple Object Access Protocol (SOAP) messages while performing the HNAP login function.

“The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha,” wrote Trent Novelly, on the Carnegie Mellon University Vulnerability Notes Database.

D-Link has not yet made a fix available, but Novelly suggested disabling remote administration of the router as a possible solution.

D-Link has not responded to an SC Media request for more information.
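
With no patch available, a defender can also screen HNAP login requests, at a proxy or in captured traffic, for oversized values in the four fields the advisory names. The following is an added example, not code from the advisory or from D-Link; the 128-byte limit, the function name and the sample requests are assumptions constructed for illustration, since the advisory as quoted here gives no buffer sizes.

```python
import re

# The four SOAP body fields the advisory names as vulnerable.
FIELDS = (b"Action", b"Username", b"LoginPassword", b"Captcha")
# Assumed policy limit (not from the advisory): set it just above the longest
# value legitimate clients on your network send.
MAX_FIELD_LEN = 128

# Tolerant matcher: optional namespace prefix, no self-closing tags, and the
# value runs to the matching close tag or, in a truncated or malformed
# message, to the end of the body.
FIELD_RE = re.compile(
    rb"<(?:[\w.-]+:)?(" + b"|".join(FIELDS) + rb")(?=[\s>])[^>]*(?<!/)>"
    rb"(.*?)(?:</(?:[\w.-]+:)?\1\s*>|\Z)",
    re.DOTALL,
)

def oversized_login_fields(body: bytes, max_len: int = MAX_FIELD_LEN):
    """Return [(field, value_length), ...] for fields longer than max_len."""
    return [
        (m.group(1).decode(), len(m.group(2)))
        for m in FIELD_RE.finditer(body)
        if len(m.group(2)) > max_len
    ]

# Helper that builds constructed sample request bodies (not captured traffic).
def _login(username: bytes,
           tail: bytes = b"<Captcha></Captcha></Login></soap:Body>") -> bytes:
    return (b"<soap:Body><Login><Action>request</Action>"
            b"<Username>" + username + b"</Username>"
            b"<LoginPassword></LoginPassword>" + tail)

BENIGN = _login(b"admin")
OVERSIZED = _login(b"A" * 600)
# Message cut off inside a field: there is no closing tag to bound the value.
TRUNCATED = _login(b"admin", tail=b"<Captcha>" + b"B" * 300)

if __name__ == "__main__":
    for name, body in (("benign", BENIGN), ("oversized", OVERSIZED),
                       ("truncated", TRUNCATED)):
        print(name, oversized_login_fields(body))
```

The matcher uses a regular expression rather than an XML parser so that messages too malformed to parse are still measured instead of skipped.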
