The vulnerability of the microprogramming software of the D-Link DAP-1325 wireless signal amplifier arises from reading data beyond the buffer in memory. This allows a hacker to execute arbitrary code.

🗓️ 17 Oct 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

The D-Link DAP-1325 wireless repeater has a buffer overread in its microprogramming software, allowing a remote attacker to execute arbitrary code.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2023-44406	3 May 202403:15	–	attackerkb
CNNVD	D-Link DAP-1325 安全漏洞	3 May 202400:00	–	cnnvd
CNVD	D-Link DAP-1325 SetAPLanSettings Stack Buffer Overflow Remote Code Execution Vulnerability	7 Oct 202300:00	–	cnvd
CVE	CVE-2023-44406	3 May 202402:13	–	cve
Cvelist	CVE-2023-44406 D-Link DAP-1325 SetAPLanSettings DeviceName Stack-based Buffer Overflow Remote Code Execution Vulnerability	3 May 202402:13	–	cvelist
EUVD	EUVD-2023-48746	3 Oct 202520:07	–	euvd
NVD	CVE-2023-44406	3 May 202403:15	–	nvd
OSV	CVE-2023-44406	3 May 202403:15	–	osv
Positive Technologies	PT-2023-6103 · D Link · D-Link Dap-1325	4 Oct 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-44406 D-Link DAP-1325 SetAPLanSettings DeviceName Stack-based Buffer Overflow Remote Code Execution Vulnerability	3 May 202402:13	–	vulnrichment

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-18825/
vuldb	www.vuldb.com/ru/
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-23-1504/

17 Oct 2023 00:00Current

8.2High risk

Vulners AI Score8.2

CVSS 28.3

CVSS 38.8

EPSS0.0075

D-Link DAP-1325 buffer overread arbitrary code execution remote attacker