D-Link Vulnerability Vendor: D-Link Product: DIR-609L Version: 2.06B01 Type: Stack Overflow Author: Jian Peng Mail: pengjian@iie.ac.cn Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS) Vulnerability Description We found a stack overflow vulnerability in the D-Link router with firmware version 2.06B01, which allows remote attackers to crash the service. Stack Overflow in Box Binary: In the router's function, is directly passed by the attacker. If this part of the data is too long, it will cause a stack overflow, allowing control over the function and leading to arbitrary code execution. The input has not been checked. The parameter is directly copied to a local variable placed on the stack, causing buffer overflow. PoC We set as , and the router will crash, such as: Result The target router crashes and cannot provide services correctly and persistently.