D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on October 19, 2021, 08:49:56 AM

Title: DCS-930L - Buffer Overflow Vulnerability
Post by: GreenBay42 on October 19, 2021, 08:49:56 AM
For more information, please visit https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10260 (https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10260)


The DCS-930L (all hardware revisions) have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle.  These products have been accused of multiple vulnerabilities.

The resources associated with these products have ceased their development and are no longer supported. For US consumers, D-Link Systems, Inc. (D-Link US), recommends retiring these products and replacing them with products that receive firmware updates. For non-US consumers, please contact your regional office for recommendations.

Exploit 1 - The DCS-930L has buffer overflow vulnerability. The location of the vulnerability is in the TxKey parameter of /wireless.htm, and the back-end processing does not verify the length of the TxKey parameter.