CVE-2023-24800

Vulnerability

A stack overflow vulnerability exists in the sub_495220 function of D-Link DIR878 firmware version DIR_878_FW120B05. The bug allows an attacker to cause a denial-of-service (DoS) or execute arbitrary code by sending a crafted payload. The exact nature of the input vector is not detailed in available references, but the overflow occurs in a stack buffer within the mentioned function.

Exploitation

An attacker can exploit this vulnerability by supplying a specially crafted payload to the affected device. The exact prerequisites, such as network access or authentication requirements, are not disclosed in the references [1]. However, the vulnerability is remotely exploitable, and no user interaction beyond receiving the payload is required.

Impact

Successful exploitation allows an attacker to cause a denial of service (DoS) or achieve arbitrary code execution on the device. This could lead to full compromise of the router, including potential for remote control, data leakage, or further propagation within the network. The attacker gains the ability to execute code at the device's privilege level.

Mitigation

As of the publication date (April 7, 2023), no official fix has been announced for D-Link DIR878 firmware version DIR_878_FW120B05. Users should monitor D-Link's security bulletin [1] for updates. It is recommended to check if the device is still supported; if it is end-of-life (EOL), consider upgrading to a supported model.