Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie.
2016-08-25T21:59:04.150
2025-04-12T10:46:40.837
Deferred
CVSSv3.1: 9.8 (CRITICAL)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | dlink | dir-868l_firmware | ≤ 2.03 | Yes |
| Hardware | dlink | dir-868l | b1 | No |
| Operating System | dlink | dir-822_firmware | 3.01 | Yes |
| Hardware | dlink | dir-822 | a1 | No |
| Operating System | d-link | dir-880l_firmware | ≤ 1.07 | Yes |
| Hardware | dlink | dir-880l | a1 | No |
| Operating System | d-link | dir-850l_firmare | ≤ 2.07 | Yes |
| Hardware | dlink | dir-850l | b1 | No |
| Operating System | d-link | dir-895l_firmware | ≤ 1.11 | Yes |
| Hardware | dlink | dir-895l | a1 | No |
| Operating System | d-link | dir-817l\(w\)_firmware | ≤ jul.2016 | Yes |
| Hardware | dlink | dir-817l\(w\) | ax | No |
| Operating System | d-link | dir-818l\(w\)_firmware | ≤ 2.05 | Yes |
| Hardware | dlink | dir-818l\(w\) | ax | No |
| Operating System | d-link | dir-890l_firmware | ≤ 1.09 | Yes |
| Hardware | dlink | dir-890l | a1 | No |
| Operating System | d-link | dir-823_firmware | ≤ 1.00 | Yes |
| Hardware | dlink | dir-823 | a1 | No |
| Operating System | d-link | dir-885l_firmware | ≤ 1.11 | Yes |
| Hardware | dlink | dir-885l | a1 | No |
| Operating System | dlink | dir-868l_firmware | ≤ 3.00 | Yes |
| Hardware | dlink | dir-868l | c1 | No |