
    4 vulnerabilities found for DIR-868L by D-Link

    CVE-2026-3485 (GCVE-0-2026-3485)

    Vulnerability from nvd – Published: 2026-03-03 21:02 – Updated: 2026-03-03 21:32 – Unsupported When Assigned
    VLAI
    Title
    D-Link DIR-868L SSDP Service sub_1BF84 os command injection
    Summary
    A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.348560 vdb-entry, technical-description
    https://vuldb.com/?ctiid.348560 signature, permissions-required
    https://vuldb.com/?submit.764759 third-party-advisory
    https://kn0sinna.notion.site/dlink-dir-868l-ssdp-… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DIR-868L Affected: 110b03
    Credits
    Xuhsy (VulDB User)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3485",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-03T21:32:35.283147Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-03T21:32:41.532Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SSDP Service"
              ],
              "product": "DIR-868L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "110b03"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Xuhsy (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 10,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-03T21:02:10.454Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-348560 | D-Link DIR-868L SSDP Service sub_1BF84 os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.348560"
            },
            {
              "name": "VDB-348560 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.348560"
            },
            {
              "name": "Submit #764759 | D-Link dir-868I REVA1_FW110b03 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.764759"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-03T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-03T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-03T16:28:52.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DIR-868L SSDP Service sub_1BF84 os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3485",
        "datePublished": "2026-03-03T21:02:10.454Z",
        "dateReserved": "2026-03-03T15:23:23.561Z",
        "dateUpdated": "2026-03-03T21:32:41.532Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2016-6563 (GCVE-0-2016-6563)

    Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-06 01:36
    VLAI
    Title
    D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action
    Summary
    Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/40805/ exploit, x_refsource_EXPLOIT-DB
    https://www.kb.cert.org/vuls/id/677427 third-party-advisory, x_refsource_CERT-VN
    http://www.securityfocus.com/bid/94130 vdb-entry, x_refsource_BID
    http://seclists.org/fulldisclosure/2016/Nov/38 mailing-list, x_refsource_FULLDISC
    Date Public
    2016-11-07 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:36:28.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "40805",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40805/"
              },
              {
                "name": "VU#677427",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "https://www.kb.cert.org/vuls/id/677427"
              },
              {
                "name": "94130",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94130"
              },
              {
                "name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2016/Nov/38"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DIR-823",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-822",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-818L(W)",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-895L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-890L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-885L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-880L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-868L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-850L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            }
          ],
          "datePublic": "2016-11-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-14T09:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "40805",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40805/"
            },
            {
              "name": "VU#677427",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "https://www.kb.cert.org/vuls/id/677427"
            },
            {
              "name": "94130",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94130"
            },
            {
              "name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2016/Nov/38"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-6563",
              "STATE": "PUBLIC",
              "TITLE": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DIR-823",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-822",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-818L(W)",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-895L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-890L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-885L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-880L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-868L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-850L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "40805",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40805/"
                },
                {
                  "name": "VU#677427",
                  "refsource": "CERT-VN",
                  "url": "https://www.kb.cert.org/vuls/id/677427"
                },
                {
                  "name": "94130",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94130"
                },
                {
                  "name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2016/Nov/38"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-6563",
        "datePublished": "2018-07-13T20:00:00.000Z",
        "dateReserved": "2016-08-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:36:28.095Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-3485 (GCVE-0-2026-3485)

    Vulnerability from cvelistv5 – Published: 2026-03-03 21:02 – Updated: 2026-03-03 21:32 – Unsupported When Assigned
    VLAI
    Title
    D-Link DIR-868L SSDP Service sub_1BF84 os command injection
    Summary
    A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.348560 vdb-entry, technical-description
    https://vuldb.com/?ctiid.348560 signature, permissions-required
    https://vuldb.com/?submit.764759 third-party-advisory
    https://kn0sinna.notion.site/dlink-dir-868l-ssdp-… exploit
    https://www.dlink.com/ product
    Impacted products
    Vendor Product Version
    D-Link DIR-868L Affected: 110b03
    Credits
    Xuhsy (VulDB User)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3485",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-03T21:32:35.283147Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-03T21:32:41.532Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SSDP Service"
              ],
              "product": "DIR-868L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "110b03"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Xuhsy (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 10,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-03T21:02:10.454Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-348560 | D-Link DIR-868L SSDP Service sub_1BF84 os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.348560"
            },
            {
              "name": "VDB-348560 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.348560"
            },
            {
              "name": "Submit #764759 | D-Link dir-868I REVA1_FW110b03 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.764759"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://kn0sinna.notion.site/dlink-dir-868l-ssdp-command-injection-30eb1876cd6e80caa691de6fe5cab59c"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.dlink.com/"
            }
          ],
          "tags": [
            "unsupported-when-assigned"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-03T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-03T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-03T16:28:52.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "D-Link DIR-868L SSDP Service sub_1BF84 os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-3485",
        "datePublished": "2026-03-03T21:02:10.454Z",
        "dateReserved": "2026-03-03T15:23:23.561Z",
        "dateUpdated": "2026-03-03T21:32:41.532Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2016-6563 (GCVE-0-2016-6563)

    Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-06 01:36
    VLAI
    Title
    D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action
    Summary
    Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/40805/ exploit, x_refsource_EXPLOIT-DB
    https://www.kb.cert.org/vuls/id/677427 third-party-advisory, x_refsource_CERT-VN
    http://www.securityfocus.com/bid/94130 vdb-entry, x_refsource_BID
    http://seclists.org/fulldisclosure/2016/Nov/38 mailing-list, x_refsource_FULLDISC
    Date Public
    2016-11-07 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:36:28.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "40805",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/40805/"
              },
              {
                "name": "VU#677427",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "https://www.kb.cert.org/vuls/id/677427"
              },
              {
                "name": "94130",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94130"
              },
              {
                "name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2016/Nov/38"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DIR-823",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-822",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-818L(W)",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-895L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-890L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-885L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-880L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-868L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "DIR-850L",
              "vendor": "D-Link",
              "versions": [
                {
                  "status": "unknown",
                  "version": "N/A"
                }
              ]
            }
          ],
          "datePublic": "2016-11-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-14T09:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "40805",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/40805/"
            },
            {
              "name": "VU#677427",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "https://www.kb.cert.org/vuls/id/677427"
            },
            {
              "name": "94130",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94130"
            },
            {
              "name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2016/Nov/38"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-6563",
              "STATE": "PUBLIC",
              "TITLE": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DIR-823",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-822",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-818L(W)",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-895L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-890L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-885L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-880L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-868L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "DIR-850L",
                          "version": {
                            "version_data": [
                              {
                                "affected": "?",
                                "version_affected": "?",
                                "version_value": "N/A"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "D-Link"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "40805",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/40805/"
                },
                {
                  "name": "VU#677427",
                  "refsource": "CERT-VN",
                  "url": "https://www.kb.cert.org/vuls/id/677427"
                },
                {
                  "name": "94130",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94130"
                },
                {
                  "name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2016/Nov/38"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-6563",
        "datePublished": "2018-07-13T20:00:00.000Z",
        "dateReserved": "2016-08-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:36:28.095Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }