D-Link Declines to Patch RCE Vulnerabilities That Affected End-of-Life Routers
Posted: Sun Jan 26, 2025 3:54 pm
A significant security vulnerability has been reported in the DAP-2310, specifically affecting Hardware Revision A with Firmware version 1.16RC028.
Hahna Latonick of Dark Wolf Solutions identified the vulnerability, which has been named “BouncyPufferfish.” It exploits a stack-based buffer overflow in the ATP binary that handles PHP HTTP requests for the Apache HTTP Server running on the device.
https://cybersecuritynews.com/d-link-de ... abilities/
Hahna Latonick of Dark Wolf Solutions identified the vulnerability, which has been named “BouncyPufferfish.” It exploits a stack-based buffer overflow in the ATP binary that handles PHP HTTP requests for the Apache HTTP Server running on the device.
https://cybersecuritynews.com/d-link-de ... abilities/