Buffer Overflow Vulnerability in D-Link DSL-3782 Diagnostics Functionality

Buffer Overflow Vulnerability in D-Link DSL-3782 Diagnostics Functionality

CVE-2018-8941 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi.

Learn more about our Api Penetration Testing.