CVE-2020-9535

Опубликовано: 02 мар. 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup_Wizard webpage parameter when f_radius_ip1 is malformed.

Ссылки

https://github.com/ladinas/Vulns_of_Embedded_Systems/blob/master/Two%20stack%20overflows%20were%20found%20in%20DIR-615Jx10.0%20Devices.pdf
Exploit
Third Party Advisory
https://github.com/ladinas/Vulns_of_Embedded_Systems/blob/master/Two%20stack%20overflows%20were%20found%20in%20DIR-615Jx10.0%20Devices.pdf
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:dlink:dir-615jx10_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:dlink:dir-615jx10:-:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00547

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-xhr7-hgf3-h7pr