Vulnerability Description
Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service.
CVSS Score
8.8
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dir-850L Firmware | 1.14b07 |
| Dlink | Dir-850L | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/96747Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/viewAlert.x?alertId=52967PatchThird Party Advisory
- https://twitter.com/NCCGroupInfosec/status/845269159277723649Third Party Advisory
- https://www.kb.cert.org/vuls/id/305448Third Party AdvisoryUS Government ResourceVDB Entry
- https://www.nccgroup.trust/uk/our-research/d-link-dir-850l-web-admin-interface-vThird Party Advisory
- http://www.securityfocus.com/bid/96747Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/viewAlert.x?alertId=52967PatchThird Party Advisory
- https://twitter.com/NCCGroupInfosec/status/845269159277723649Third Party Advisory
- https://www.kb.cert.org/vuls/id/305448Third Party AdvisoryUS Government ResourceVDB Entry
- https://www.nccgroup.trust/uk/our-research/d-link-dir-850l-web-admin-interface-vThird Party Advisory
FAQ
What is CVE-2017-3193?
CVE-2017-3193 is a vulnerability with a CVSS score of 8.8 (HIGH). Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service.
How severe is CVE-2017-3193?
CVE-2017-3193 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3193?
Check the references section above for vendor advisories and patch information. Affected products include: Dlink Dir-850L Firmware, Dlink Dir-850L.