CVE-2016-6563 — CRITICAL (9.8)

Vulnerability Description

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Dlink	Dir-823 Firmware	-
Dlink	Dir-823	-
Dlink	Dir-822 Firmware	-
Dlink	Dir-822	-
Dlink	Dir-818L\(W\) Firmware	-
Dlink	Dir-818L\(W\)	-
Dlink	Dir-895L Firmware	-
Dlink	Dir-895L	-
Dlink	Dir-890L Firmware	-
Dlink	Dir-890L	-
Dlink	Dir-885L Firmware	-
Dlink	Dir-885L	-
Dlink	Dir-880L Firmware	-
Dlink	Dir-880L	-
Dlink	Dir-868L Firmware	-
Dlink	Dir-868L	-
Dlink	Dir-850L Firmware	-
Dlink	Dir-850L	-

Related Weaknesses (CWE)

CWE-121 CWE-119

References

http://seclists.org/fulldisclosure/2016/Nov/38ExploitMailing ListThird Party Advisory
http://www.securityfocus.com/bid/94130Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/40805/ExploitThird Party AdvisoryVDB Entry
https://www.kb.cert.org/vuls/id/677427Third Party AdvisoryUS Government Resource
http://seclists.org/fulldisclosure/2016/Nov/38ExploitMailing ListThird Party Advisory
http://www.securityfocus.com/bid/94130Third Party AdvisoryVDB Entry
https://www.exploit-db.com/exploits/40805/ExploitThird Party AdvisoryVDB Entry
https://www.kb.cert.org/vuls/id/677427Third Party AdvisoryUS Government Resource

FAQ

What is CVE-2016-6563?

CVE-2016-6563 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, U...

How severe is CVE-2016-6563?

CVE-2016-6563 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2016-6563?

Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-823 Firmware, Dlink Dir-823, Dlink Dir-822 Firmware, Dlink Dir-822, Dlink Dir-818L\(W\) Firmware.