CVE-2019-6258

2020-08-1816:48:40

mitre

www.cve.org

cve-2019-6258

d-link dir-822

buffer overflow

hnap protocol

firmware v.202krb06

udhcpd

lan-1-udhcpd.conf

AI Score

9.8

Confidence

High

EPSS

0.003

Percentile

69.3%

JSON

D-Link DIR-822 Rev.Bx devices with firmware v.202KRb06 and older allow a buffer overflow via long MacAddress data in a /HNAP1/SetClientInfo HNAP protocol message, which is mishandled in /usr/sbin/udhcpd during reading of the /var/servd/LAN-1-udhcpd.conf file.