Vulnerabilities > CVE-2020-9535 - Out-of-bounds Write vulnerability in Dlink Dir-615Jx10 Firmware

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dlink

CWE-787

NVD

Published: 2020-03-02

Updated: 2023-04-26

Summary

fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup_Wizard webpage parameter when f_radius_ip1 is malformed.

Vulnerable Configurations

Part	Description	Count
OS	Dlink Dlink DIR 615Jx10 Firmware -	1
Hardware	Dlink Dlink DIR 615Jx10 -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/ladinas/Vulns_of_Embedded_Systems/blob/master/Two%20stack%20overflows%20were%20found%20in%20DIR-615Jx10.0%20Devices.pdf