CVE-2023-27720
Description
D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
D-Link DIR878 firmware 1.30B08 has a stack overflow in sub_48d630, allowing DoS or RCE via a crafted payload.
Vulnerability
A stack-based buffer overflow vulnerability exists in the sub_48d630 function of D-Link DIR878 firmware version 1.30B08 [1]. The function reads a user-provided parameter without any length check, leading to a stack-based buffer overflow when the input exceeds the buffer size [1]. This affects the firmware as available from the vendor's download site for revision A [1].
Exploitation
An attacker can exploit this vulnerability by sending a crafted HTTP request to the affected device, supplying overly long data to the parameter processed by sub_48d630 [1]. No authentication is required, making the vulnerability remotely exploitable over the network [1]. The vendor advisory does not provide detailed exploit steps, but the researcher notes that a proof-of-concept could be developed [1].
Impact
Successful exploitation allows an attacker to cause a denial of service (DoS) by crashing the device, or to execute arbitrary code on the router with root privileges, leading to full device compromise [1].
Mitigation
D-Link's security bulletin page does not list a specific patch for this vulnerability at the time of publication [2]. Users should monitor the vendor's security advisory page for a firmware update. As the device may be approaching end-of-life, users should consider replacing the router if no patch becomes available [2].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- D-Link/DIR878
Patches
No patches discovered yet.
References (2)