Thursday, 10 November 2016

D-Link routers - Buffer overflow vulnerability

As reported by US-CERT, D-Link routers have a buffer overflow vulnerability. Specifically, it was described as a stack-based buffer overflow (the buffer that gets overwritten is located on the stack), due to a SOAP malfunction. It has to do with the login action (username, password, login action and the captcha).

How this may have worked:
An attacker can leverage this vulnerability by injecting shellcode through the login function. This can cause a stack overrun, which will cause the return address on the stack to be overwritten, and the attacker can gain root privileges. Basically, in the shellcode, the attacker specifies its own return address; this gives the attacker the upper hand and elevated privileges.
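
The coding pattern behind this kind of stack overrun, shown next to a bounds-checked version, as an added example that is not from the advisory or from D-Link's firmware. The element names, `FIELD_MAX` and every function name are assumptions for illustration, and the request bodies are constructed.

```c
#include <stdio.h>
#include <string.h>
#define FIELD_MAX 64 /* assumed size of the on-stack buffer for one login field */

/* Return the start of <tag>'s value and set *len; NULL if absent or unterminated. */
static const char *find_field(const char *body, const char *tag, size_t *len) {
    char open[40], close[40];
    if ((size_t)snprintf(close, sizeof close, "</%s>", tag) >= sizeof close) return NULL;
    snprintf(open, sizeof open, "<%s>", tag);
    const char *start = strstr(body, open);
    if (!start) return NULL;
    start += strlen(open);
    const char *end = strstr(start, close);
    if (!end) return NULL;
    *len = (size_t)(end - start);
    return start;
}

/* Unchecked: len comes from the request, so FIELD_MAX bytes or more overruns out. */
int copy_field_unchecked(const char *body, const char *tag, char *out) {
    size_t len;
    const char *v = find_field(body, tag, &len);
    if (!v) return -1;
    memcpy(out, v, len);
    out[len] = '\0';
    return 0;
}

/* Checked: an oversized value is rejected with -2, never copied or truncated. */
int copy_field_checked(const char *body, const char *tag, char *out, size_t outsz) {
    size_t len;
    const char *v = find_field(body, tag, &len);
    if (!v) return -1;
    if (outsz == 0 || len >= outsz) return -2;
    memcpy(out, v, len);
    out[len] = '\0';
    return 0;
}

int demo_oversized(void) {
    char body[256] = "<Username>", user[FIELD_MAX];
    memset(body + 10, 'A', 200); /* constructed: 200-byte Username value */
    strcpy(body + 210, "</Username>");
    return copy_field_checked(body, "Username", user, sizeof user);
}

int main(void) {
    printf("oversized Username -> %d\n", demo_oversized());
    return 0;
}
```

The checked version refuses the request instead of truncating, so an overlong username or captcha value never reaches the stack buffer at all.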

Solution for D-Link users: update your firmware; a new update is available.

If you have a better explanation, I will appreciate it very much.
