VYPR
Unrated severity · NVD Advisory · Published Oct 6, 2023 · Updated Sep 19, 2024

CVE-2023-44807

Description

D-Link DIR-820L version 1.05B03 is affected by a stack overflow in the cancelPing function that could allow remote attackers to cause a denial of service or potentially execute arbitrary code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The vulnerability resides in the cancelPing function of D-Link DIR-820L routers running firmware version 1.05B03. A stack overflow occurs due to improper bounds checking when handling user-supplied input, likely through the web interface or a ping-related request. The exact triggering mechanism is not publicly described, but the function is reachable via administrative or possibly unauthenticated interfaces.

Exploitation

An attacker would need network access to the router's management interface, typically on port 80 or 443. If authentication is required, valid credentials are needed. The attacker sends a crafted request to the cancelPing function containing a payload that exceeds the allocated stack buffer, overwriting adjacent memory. No user interaction beyond sending the request is required.

Impact

Successful exploitation allows the attacker to corrupt the stack, leading to denial of service (device crash or reboot) or potentially remote code execution with the privileges of the web server process (likely root). This could result in full compromise of the router.

Mitigation

As of the publication date (2023-10-06), no official patch has been released by D-Link for this vulnerability [1]. The DIR-820L may be end-of-life (EOL). Users are advised to restrict access to the management interface to trusted networks, disable remote management, and consider upgrading to a supported device. For updates, monitor the D-Link security bulletin page [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Dlink/DIR820LA1 (cpe-rescue), 2 versions
    • (no CPE)
    • (no CPE), range: = 1.05B03

Patches

0

No patches discovered yet.

References

2
