Intrusion Prevention

D-Link.DIR.Routers.Unauth.HNAP.Login.Stack.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Dlink DIR Routers.
The vulnerability is caused by an error when handling a malicious HTTP request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the affected application, via a crafted HTTP request.

Affected Products

Dlink DIR-823
Dlink DIR-822
Dlink DIR-818L(W)
Dlink DIR-895L
Dlink DIR-890L
Dlink DIR-885L
Dlink DIR-880L
Dlink DIR-868L (Rev. B and C)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10066

CVE References

CVE-2016-6563

Other References

SAP10066