CVE-2014-3936: Buffer Overflow
First published: Mon Jun 02 2014(Updated: )
Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi in D-Link DSP-W215 (Rev. A1) with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in a GetDeviceSettings action in an HNAP request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DIR-505L SharePort Mobile Companion Firmware | <=1.07 | |
| Dlink Dir505 Shareport Mobile Companion Firmware | =a1 | |
| Dlink Dir-505l Shareport Mobile Companion Firmware | <=1.01 | |
| Dlink Dir-505l Shareport Mobile Companion Firmware | =a1 | |
| D-Link DSP-W215 | <=1.01 | |
| D-Link DSP-W215 | =a1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/127427/D-Link-HNAP-Request-Remote-Buffer-Overflow.html
- http://secunia.com/advisories/58728
- http://secunia.com/advisories/58972
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10027
- http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10029
- http://www.devttys0.com/2014/05/hacking-the-d-link-dsp-w215-smart-plug
- http://www.securityfocus.com/bid/67651
Frequently Asked Questions
What is the severity of CVE-2014-3936?
CVE-2014-3936 is rated as high severity due to its ability to allow remote attackers to execute arbitrary code.
How do I fix CVE-2014-3936?
To mitigate CVE-2014-3936, update the firmware of affected D-Link devices to the latest version available.
Which devices are affected by CVE-2014-3936?
CVE-2014-3936 affects D-Link DSP-W215, DIR-505, and DIR-505L devices running specific vulnerable firmware versions.
What type of attack is possible using CVE-2014-3936?
CVE-2014-3936 can be exploited through a stack-based buffer overflow via a manipulated Content-Length header.
Is there a risk of data loss with CVE-2014-3936?
Yes, exploiting CVE-2014-3936 could potentially lead to data loss and unauthorized access to the affected device.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dlink
- canonical/d-link dir-505l shareport mobile companion firmware
- version/d-link dir-505l shareport mobile companion firmware/1.07
- canonical/dlink dir505 shareport mobile companion firmware
- version/dlink dir505 shareport mobile companion firmware/a1
- canonical/dlink dir-505l shareport mobile companion firmware
- version/dlink dir-505l shareport mobile companion firmware/1.01
- version/dlink dir-505l shareport mobile companion firmware/a1
- canonical/d-link dsp-w215
- version/d-link dsp-w215/1.01
- version/d-link dsp-w215/a1