CVE-2024-27683

Vulnerability

The D-Link Go-RT-AC750 router (model GORTAC750_A1_FW_v101b03) contains a stack-based buffer overflow vulnerability in the hnap_main function. The flaw is triggered when a specially crafted POST request is sent to the HNAP (Home Network Administration Protocol) endpoint. No authentication or prior access is required to reach the vulnerable code path. The vulnerable firmware version is v101b03.

Exploitation

An attacker can exploit this vulnerability by sending a malicious POST request to the router's HNAP interface. The attacker does not need any authentication or special network position beyond being able to reach the router's management interface (typically on the local network). By crafting an HTTP POST request with an overly long parameter, the stack buffer in hnap_main is overflowed, overwriting adjacent memory.

Impact

Successful exploitation can cause a denial of service (DoS) due to a crash of the device. In some cases, an attacker may be able to achieve arbitrary code execution, gaining full control of the router. The impact is severe as the device handles all network traffic for the local network.

Mitigation

As of the publication date (March 21, 2024), D-Link has not released a firmware update, and the device is likely end-of-life (EOL) based on the bulletin reference [1]. Users are advised to replace the device if it is EOL, or if a patch becomes available, apply it immediately. Until then, consider disabling remote management or restricting access to the router's web interface from the local network only, though this may not fully mitigate the vulnerability.