CVE-2023-27718
Description
D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack overflow in D-Link DIR878 1.30B08's sub_498308 function allows unauthenticated remote attackers to cause DoS or execute arbitrary code.
Vulnerability
The vulnerability is a stack-based buffer overflow in the sub_498308 function of D-Link DIR878 firmware version 1.30B08. The function reads a user-provided parameter without proper length checking, leading to overflow [2]. The affected version is DIR878 1.30B08 [2].
Exploitation
An attacker can exploit this vulnerability by sending a crafted payload to the vulnerable endpoint. No authentication is required, as the function is reachable without prior login [2]. The attacker must be able to send network requests to the device.
Impact
Successful exploitation allows an attacker to cause a denial of service (DoS) or execute arbitrary code with the privileges of the affected process, likely leading to full device compromise [2].
Mitigation
As of the publication date, D-Link has not released a patched firmware version. The D-Link security bulletin [1] does not specify a fix. Users should monitor D-Link's official support page for updates. No workaround is documented.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- D-Link/DIR878description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.