Description
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Barnaby Jack · textdoshardware
https://www.exploit-db.com/exploits/28230
References (11)
Core 11
Core References
Third Party Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0363.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/440298/100/0/threaded
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/440852/100/100/threaded
Various Sources x_refsource_misc
http://www.eeye.com/html/research/advisories/AD20060714.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21081
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/27333
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2829
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/971705
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/19006
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016511
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27755
Scores
EPSS
0.2083
EPSS Percentile
95.7%
Details
Status
published
Products (7)
d-link/di-604_broadband_router
d-link/di-784
d-link/ebr-2310_ethernet_broadband_router
d-link/wbr-1310_wireless_g_router
d-link/wbr-2310_rangebooster_g_router
dlink/di-524
dlink/di-624
Published
Jul 21, 2006
Tracked Since
Feb 18, 2026