CVE-2021-27114

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
14/04/2021
Last modified:
20/04/2021

Description

An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'s_ip" and "s_mac" fields could lead to a Stack-Based Buffer Overflow and overwrite the return address.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:dlink:dir-816_firmware:1.10b05:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dir-816:a2:*:*:*:*:*:*:*