September 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
North Korean APT Kimsuky Aka Black Banshee – Active IOCs
May 10, 2024
Complete Device Takeover Possible Due to Critical F5 Central Manager Vulnerabilities
May 10, 2024
North Korean APT Kimsuky Aka Black Banshee – Active IOCs
May 10, 2024
Complete Device Takeover Possible Due to Critical F5 Central Manager Vulnerabilities
May 10, 2024
Severity
High
Analysis Summary
CVE-2023-35749 CVSS:8.8
D-Link DAP-2622 WiFi Router is vulnerable to a stack-based buffer overflow, caused by improper bounds checking in Set Date-Time NTP Server. By sending a specially crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code in the context of root on the system.
CVE-2023-35757 CVSS:8.8
D-Link DAP-2622 WiFi Router is vulnerable to a stack-based buffer overflow, caused by improper bounds checking in Firmware Upgrade Filename. By sending a specially crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code in the context of root on the system.
Impact
- Gain Access
- Buffer Overflow
Indicators of Compromise
CVE
- CVE-2023-35749
- CVE-2023-35757
Affected Vendors
D-Link
Affected Products
- D-Link DAP-2622
Remediation
Refer to D-Link Website for patch, upgrade, or suggested workaround information.