CVE-2023-24799
Description
D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack overflow in D-Link DIR878 firmware DIR_878_FW120B05 sub_48AF78 function allows remote attackers to cause DoS or execute arbitrary code via crafted payload.
Vulnerability
A stack overflow vulnerability exists in the sub_48AF78 function of D-Link DIR878 firmware version DIR_878_FW120B05. This function is reachable via crafted input, potentially over the network, leading to a buffer overflow on the stack [1].
Exploitation
An attacker can exploit this vulnerability by sending a specially crafted payload to the affected device. No authentication is required according to the description, allowing remote exploitation. The crafted payload triggers the stack overflow in the sub_48AF78 function, corrupting the stack.
Impact
Successful exploitation leads to either a Denial of Service (DoS) or arbitrary code execution. An attacker could crash the device or potentially gain full control over it with elevated privileges [1].
Mitigation
As of the publication date (2023-04-07), no specific patch has been released by D-Link. The vendor's security bulletin page provides general guidance but does not list a fixed firmware version for this CVE [1]. Users should monitor the D-Link security bulletin for updates and consider isolating the device if possible.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- D-Link/DIR878description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.