CVE-2016-1558

CWE-119 — Buffer Overflow3 documents3 sources

Severity

9.8CRITICAL

EPSS

14.9%

top 5.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dlink Dap-2230 Firmware Dlink Dap-2310 Firmware Dlink Dap-2330 Firmware +7 more

Timeline

PublishedApr 21

Latest updateMay 17

Description

Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages10 packages

▶NVDdlink/dap-2310_firmware2.06

▶NVDdlink/dap-2330_firmware1.06

▶NVDdlink/dap-2360_firmware2.06

▶NVDdlink/dap-2553_firmware3.05

▶NVDdlink/dap-2660_firmware1.11

Patches

Patch: www.dlink.com ↗Patch: www.dlink.com ↗

🔴Vulnerability Details

GHSA

GHSA-88pq-qj92-q92g: Buffer overflow in D-Link DAP-2310 2↗2022-05-17

▶

CVEList

CVE-2016-1558: Buffer overflow in D-Link DAP-2310 2↗2017-04-21

▶