What is CVE-2016-5681?

CVE-2016-5681 is a critical-severity vulnerability in D-link Dir-817l\(w\)_firmware, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 9.8/10. Published 2016-08-25.

How severe is CVE-2016-5681?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Buffer overflow in D-link Dir-817l\(w\)_firmware

CVE-2016-5681

Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04…

Vulnerability class: Buffer Overflow

EPSS: 0.353 (97.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
VU#332115 (x_refsource_CERT-VN, US Government Resource, Third Party Advisory, third-party-advisory)
92427 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-5681?: CVE-2016-5681 is a critical-severity vulnerability in D-link Dir-817l\(w\)_firmware, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 9.8/10. Published 2016-08-25.
How severe is CVE-2016-5681?: Critical severity. CVSS v3 base score is 9.8 out of 10.