First published: Fri Jul 13 2018(Updated: )
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-823 Firmware | ||
Dlink Dir-823 | ||
Dlink Dir-822 Firmware | ||
Dlink Dir-822 | ||
Dlink Dir-818l\(w\) Firmware | ||
Dlink Dir-818l\(w\) | ||
Dlink Dir-895l Firmware | ||
Dlink Dir-895l | ||
Dlink Dir-890l Firmware | ||
Dlink Dir-890l | ||
Dlink Dir-885l Firmware | ||
Dlink Dir-885l | ||
Dlink Dir-880l Firmware | ||
Dlink Dir-880l | ||
Dlink Dir-868l Firmware | ||
Dlink Dir-868l | ||
Dlink Dir-850l Firmware | ||
Dlink Dir-850l |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-6563 is a vulnerability that causes a buffer overflow in the stack of some D-Link DIR routers when processing malformed SOAP messages during the HNAP Login action.
The vulnerable XML fields within the SOAP body are Action, Username, LoginPassword, and Captcha.
The following D-Link routers are affected: DIR-823, DIR-822, DIR-818L.
CVE-2016-6563 has a severity rating of 9.8 (critical).
You can find more information about CVE-2016-6563 at the following references: http://seclists.org/fulldisclosure/2016/Nov/38, http://www.securityfocus.com/bid/94130, https://www.exploit-db.com/exploits/40805/