D-Link Vulnerability Key Information Vendor: D-Link Product: DIR619L Version: 2.06B01 Type: Stack Overflow Author: Jiaqian Peng Email: pengjiaqian@iie.ac.cn Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS) Vulnerability Description A stack overflow vulnerability was found in the D-Link router with firmware version 2.06B01. This allows remote attackers to crash the server. Stack Overflow In the function, the parameter is directly passed by the attacker. If this data is too long, it will cause a stack overflow, allowing control over the return address and execution of arbitrary code. The input is not checked, and the parameter is copied directly to a local variable on the stack, causing buffer overflow. POC To exploit the vulnerability, set to a long string like "aaaaa.....". The router will crash. Result The target router crashes and cannot provide services correctly and persistently.