March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Microsoft Users Targeted by EvilProxy Phishing Kit Exploiting Indeed.com Vulnerability – Active IOCs
October 6, 2023Rewterz Threat Advisory – Multiple D-Link DIR Products Vulnerabilities
October 6, 2023Rewterz Threat Alert – Microsoft Users Targeted by EvilProxy Phishing Kit Exploiting Indeed.com Vulnerability – Active IOCs
October 6, 2023Rewterz Threat Advisory – Multiple D-Link DIR Products Vulnerabilities
October 6, 2023
Severity
High
Analysis Summary
CVE-2023-44403 CVSS:8.8
D-Link DAP-1325 routers could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the handling of a request parameter provided to the HNAP1 SOAP endpoint. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-44404 CVSS:8.8
D-Link DAP-1325 routers are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the XML data provided to the HNAP1 SOAP endpoint. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-44405 CVSS:8.8
D-Link DAP-1325 routers are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the XML data provided to the HNAP1 SOAP endpoint. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-44407 CVSS:8.8
D-Link DAP-1325 routers are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the XML data provided to the HNAP1 SOAP endpoint. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-44408 CVSS:8.8
D-Link DAP-1325 routers are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the XML data provided to the HNAP1 SOAP endpoint. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-44409 CVSS:8.8
D-Link DAP-1325 routers are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the XML data provided to the HNAP1 SOAP endpoint. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
Impact
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-44403
- CVE-2023-44404
- CVE-2023-44405
- CVE-2023-44407
- CVE-2023-44408
- CVE-2023-44409
Affected Vendors
D-Link
Affected Products
- D-Link DAP-1325
Remediation
Refer to D-Link Web site for patch, upgrade or suggested workaround information.