Name of Affected Product(s): D-Link Router DIR-822K TK_1.00_20250513164613

Vulnerability Details:

Vendor: D-Link (友讯电子设备(上海)有限公司)
Product: D-Link DIR-822K
Affected Version: Firmware: TK_1.00_20250513164613
Vulnerability Type: Buffer Overflow (Binary)

Vulnerability Description:

A buffer overflow vulnerability was discovered in the "/boafrm/formWlEncrypt" endpoint. The issue is located within the function. The function is used to parse the "submit-url" parameter from an incoming request. Injecting an oversized "submit-url" value can lead to stack corruption and potentially arbitrary code execution.

Vulnerability Location:

Impact:

Denial of Service (DoS): Crashing the web server process and making the device's management interface inaccessible.

Arbitrary Code Execution: Overwriting the return address on the stack to redirect program execution to shellcode, potentially allowing the attacker to gain full control over the device.

Proof of Concept (PoC):

Example HTTP request:
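Mitigation sketch for the overflow described in the Vulnerability Description, added here as an example; it is not part of the original advisory and is not D-Link's firmware code. It shows a form handler that copies "submit-url" into a stack buffer only after a bounded length check and rejects oversized input instead of copying it. The names `copy_param_checked`, `handle_submit_url`, the 128-byte limit and the printable-ASCII rule are assumptions, since the advisory does not give the function name or the buffer size.

```c
#include <stddef.h>
#include <string.h>

/* Assumed limit: the advisory does not state the real buffer size. */
#define SUBMIT_URL_MAX 128

enum param_status { PARAM_OK = 0, PARAM_MISSING = -1,
                    PARAM_TOO_LONG = -2, PARAM_BAD_CHAR = -3 };

/* Copy a request parameter into a fixed-size buffer only if it fits entirely.
 * Oversized input is rejected, never truncated and never written past dst. */
static enum param_status copy_param_checked(const char *value, char *dst,
                                            size_t dst_len)
{
    const char *end;
    size_t n, i;

    if (dst == NULL || dst_len == 0)
        return PARAM_MISSING;
    dst[0] = '\0';
    if (value == NULL)
        return PARAM_MISSING;

    /* Bounded probe for the terminator: looks at no more than dst_len bytes. */
    end = memchr(value, '\0', dst_len);
    if (end == NULL)
        return PARAM_TOO_LONG;
    n = (size_t)(end - value);

    /* Assumption: a valid submit-url is printable ASCII (no CR/LF, no NUL). */
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)value[i];
        if (c < 0x20 || c > 0x7e)
            return PARAM_BAD_CHAR;
    }
    memcpy(dst, value, n + 1);   /* n + 1 <= dst_len, terminator included */
    return PARAM_OK;
}

/* Hypothetical handler: the stack buffer is written only via the checked copy. */
int handle_submit_url(const char *submit_url_value, char *out, size_t out_len)
{
    char submit_url[SUBMIT_URL_MAX];
    enum param_status st =
        copy_param_checked(submit_url_value, submit_url, sizeof submit_url);

    if (st != PARAM_OK)
        return (int)st;          /* caller should answer with an HTTP 400 */
    return (int)copy_param_checked(submit_url, out, out_len);
}
```

A non-zero return is the point at which a web server would refuse the request and log the parameter length, which also gives operators a signal for oversized "submit-url" probes.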