D-Link Vulnerability Vendor: D-Link Product: DIR619L Version: 2.06B01 Type: Stack Overflow Author: Jiajian Peng Mail: pengjiajian@iie.ac.cn Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS) Vulnerability Description We found a stack overflow vulnerability in the D-Link router with firmware version 2.06B01, which allows remote attackers to crash the server. Stack Overflow In the function, the parameter is directly passed by the attacker. If this data is too long, it will cause a stack overflow, allowing control over the to execute arbitrary code. The input has not been checked. The parameter is copied to a local variable on the stack, overriding the return address of the function and causing buffer overflow. Code Snippet PoC Result The target router crashes and cannot provide services correctly and persistently.