Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie.
References
| Link | Resource |
|---|---|
| http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html | Broken Link Third Party Advisory VDB Entry |
| http://seclists.org/fulldisclosure/2016/Feb/112 | Mailing List Third Party Advisory |
| http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
History
26 Apr 2023, 19:27
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:d-link:dap-2360_firmware:2.06:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-2230_firmware:1.02:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-2660:-:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-3662:-:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-2310:-:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-2360:-:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-2690_firmware:3.15:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-3662_firmware:1.01:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-2330_firmware:1.06:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-2330:-:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-2553:-:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-3320:-:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-3320_firmware:1.00:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-2690:-:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-2553_firmware:3.05:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-2660_firmware:1.11:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-2695_firmware:1.16:*:*:*:*:*:*:* cpe:2.3:h:d-link:dap-2695:-:*:*:*:*:*:*:* cpe:2.3:o:d-link:dap-2310_firmware:2.06:*:*:*:*:*:*:* |
cpe:2.3:o:dlink:dap-2660_firmware:1.11:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2690:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2695:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2330_firmware:1.06:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2690_firmware:3.15:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2230:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-3662_firmware:1.01:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-3662:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2553:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2330:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2695_firmware:1.16:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-3320:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2310_firmware:2.06:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2360:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-3320_firmware:1.00:*:*:*:*:*:*:* cpe:2.3:h:dlink:dap-2310:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2230_firmware:1.02:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2553_firmware:3.05:*:*:*:*:*:*:* cpe:2.3:o:dlink:dap-2360_firmware:2.06:*:*:*:*:*:*:* |
Information
Published : 2017-04-21 15:59
Updated : 2024-02-04 19:11
NVD link : CVE-2016-1558
Mitre link : CVE-2016-1558
CVE.ORG link : CVE-2016-1558
JSON object : View
Products Affected
dlink
- dap-2360_firmware
- dap-3662_firmware
- dap-2310
- dap-2660_firmware
- dap-2553_firmware
- dap-2660
- dap-2330_firmware
- dap-2360
- dap-2230
- dap-2330
- dap-2310_firmware
- dap-3320_firmware
- dap-3320
- dap-2690_firmware
- dap-2230_firmware
- dap-2695
- dap-3662
- dap-2553
- dap-2695_firmware
- dap-2690
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer