What is CVE-2016-6563?

CVE-2016-6563 is a vulnerability in D-link Dir-818l(w), classified under Stack-based Buffer Overflow. Published 2018-07-13.

Is CVE-2016-6563 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in D-link Dir-818l(w)

CVE-2016-6563

Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. Th…

Vulnerability class: Buffer Overflow

EPSS: 0.849 (99.4th percentile) — read the EPSS interpretation.

Affected products

D-link Dir-818l(w) — versions N/A
D-link Dir-822 — versions N/A
D-link Dir-823 — versions N/A
D-link Dir-850l — versions N/A
D-link Dir-868l — versions N/A
D-link Dir-880l — versions N/A
D-link Dir-885l — versions N/A
D-link Dir-890l — versions N/A
D-link Dir-895l — versions N/A

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

References

40805 (exploit, x_refsource_EXPLOIT-DB)
VU#677427 (x_refsource_CERT-VN, third-party-advisory)
94130 (vdb-entry, x_refsource_BID)
20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2016-6563?: CVE-2016-6563 is a vulnerability in D-link Dir-818l(w), classified under Stack-based Buffer Overflow. Published 2018-07-13.
Is CVE-2016-6563 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.