0xcc12138/DCS-935L-HNAP-Service-CVE
GitHub
Releases0
This vulnerability exists in the HNAP service handler of the D-Link DCS-935L firmware. An attacker can exploit a flaw in `AESDecrypt` and its underlying decoding function by sending a specially crafted malicious XML request, triggering a stack-based buffer overflow and subsequently achieving Remote Code Execution (RCE).
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 8.8 HIGH | 9 HIGH | ||
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnap_service of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used. | |||