exploitDog

GHSA-2jv7-c5x2-xf95

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.

D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.

Ссылки

EPSS

Процентиль: 80%

0.01357

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-120

Связанные уязвимости

CVE-2019-6258

CVSS3: 9.8

nvd

больше 5 лет назад

D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.

EPSS

Процентиль: 80%

0.01357

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-120