CVE-2015-2052

CWE-119 — Buffer Overflow11 documents7 sources

Severity

10.0CRITICAL

EPSS

11.6%

top 6.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dlink Dir-645 Firmware

Timeline

PublishedFeb 23

Latest updateMay 17

Description

Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDdlink/dir-645_firmware1.04b12

🔴Vulnerability Details

GHSA

GHSA-cpxr-x8w8-p34j: Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev↗2022-05-17

▶

OSV

harfbuzz vulnerabilities↗2016-08-24

▶

CVEList

CVE-2015-2052: Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev↗2015-02-23

▶

VulnCheck

D-Link DIR-645 Router Improper Restriction of Operations within the Bounds of a Memory Buffer↗2015

▶

📋Vendor Advisories

Red Hat

chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6↗2016-01-24

▶

Red Hat

chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6↗2016-01-24

▶

💬Community

Bugzilla

CVE-2015-8947 CVE-2016-2052 harfbuzz: chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6 [fedora-all]↗2016-07-21

▶