Support Announcements
CVE-2016-5681 - VU#332115 - Some D-Link routers are vulnerable to buffer overflow exploit.

 

Some active D-Link DIR-model routers contain a stack-based buffer overflow vulnerability, which may allow a remote attack to execute arbitrary code.

 

Referencing: CWE-121 CVE-2016-5681 VU#332115

 

3rd Party Incident Report:

 

CERT Record :: Details Here

 

Initial Report for this vulnerability was Taiwan local security community (TDOH) :: Details Here

 

Secondary Report for DIR-850L coordinating the same issue:

Daniel.Romero@nccgroup.trust on 6/1/2016 : NCC Group
Street: Calle Serrano Galvache Number: 56 Building: Abedul Floor: 4th, Madrid, 28033

 

Affected Devices:

  • DIR-850L Rev.B1
  • DIR-822 Rev.A1
  • DIR-823 Rev.A1
  • DIR-895L Rev.A1
  • DIR-890L Rev.A1
  • DIR-885L Rev.A1
  • DIR-880L Rev.A1
  • DIR-868L Rev.B1
  • DIR-868L Rev.C1
  • DIR-817L(W) Rev.Ax
  • DIR-818L(W) Rev.Ax

 

Fixed Firmware:

 

Thank You,

Security Incident Response Team

security@dlink.com