D-Link Vulnerability Vendor: D-Link Product: DIR-609L Version: 2.06B01 Type: Stack Overflow Author: Jian Peng Mail: pengjian@iie.ac.cn Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS) Vulnerability Description We discovered a stack overflow vulnerability in the D-Link router running firmware version 2.06B01, which enables remote attackers to crash the service. Stack Overflow in Box Binary: In the router's function, the parameter is directly controlled by the attacker. If the input data is excessively long, it triggers a stack overflow, allowing an attacker to take control of the function and potentially execute arbitrary code. The input is not validated. The parameter is directly copied into a local stack variable, resulting in a buffer overflow. PoC By setting to , the router crashes, as shown below: Result The target router crashes and is unable to provide services correctly or persistently.