D-Link DIR-600 HTTP Header hedwig.cgi stack-based overflow

A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

栈缓冲区溢出

D-Link DIR-600 安全漏洞

D-Link DIR-600是中国友讯（D-Link）公司的一款无线路由器。 D-Link DIR-600 2.15WWb02及之前版本存在安全漏洞，该漏洞源于对组件HTTP Header Handler的文件hedwig.cgi中参数Cookie的错误操作，可能导致基于栈的缓冲区溢出攻击。

N/A

N/A