CVE-2017-3193
HIGHD-Link DIR-850L Firmware 1.14B07 and 2.07.B05 - Stack-based Buffer Overflow in HNAP Service
Title source: llmDescription
Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service.
References (5)
Core 5
Core References
Third Party Advisory, US Government Resource, VDB Entry third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/305448
Third Party Advisory x_refsource_misc
https://twitter.com/NCCGroupInfosec/status/845269159277723649
Third Party Advisory x_refsource_misc
https://www.nccgroup.trust/uk/our-research/d-link-dir-850l-web-admin-interface-vulnerable-to-stack-based-buffer-overflow/?research=Technical+advisories
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96747
Patch, Third Party Advisory x_refsource_misc
https://tools.cisco.com/security/center/viewAlert.x?alertId=52967
Scores
CVSS v3
8.8
EPSS
0.0129
EPSS Percentile
79.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
CWE-121
Status
published
Products (4)
D-Link/DIR-850L and potentially others
1.14B07
D-Link/DIR-850L and potentially others
2.07.B05
dlink/dir-850l_firmware
1.14b07
dlink/dir-850l_firmware
2.07.b05
Published
Dec 16, 2017
Tracked Since
Feb 18, 2026