Memory Corruption Vulnerability in AT Uplink at Taian Technology (Wuxi) Co.

Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. A memory corruption vulnerability exists in the AT uplink of Taian Technology Wuxi Co. An...

CVE-2018-19989

In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability affects D-Link DIR-822 Rev.B 202KRb06 and DIR-822 Rev.C 3.10B06 devices. In the SetQoSSettings.php source code, the uplink parameter is saved in the /bwc/entry:1/bandwidth and /bwc/entry:2/bandwidth...