CVE-2019-6258

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
9.8CRITICAL
EPSS
1.4%
top 19.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
D-link Dir-822 Firmware
Timeline
PublishedAug 18
Latest updateMay 24

Description

D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: supportannouncement.us.dlink.comPatch: supportannouncement.us.dlink.com

🔴Vulnerability Details

2
GHSA
GHSA-2jv7-c5x2-xf95: D-Link DIR-822 Rev2022-05-24
CVEList
CVE-2019-6258: D-Link DIR-822 Rev2020-08-18
CVE-2019-6258 (CRITICAL CVSS 9.8) | D-Link DIR-822 Rev.Bx devices with | cvebase.io