Full title: D-Link DIR645, DIR865, DIR845 authentication.cgi Buffer Overflow 
Category: remote exploits
Platform: hardware
This Metasploit module exploits an remote buffer overflow vulnerability on several D-Link routers. The vulnerability exists in the handling of HTTP queries to the authentication.cgi with long password values. The vulnerability can be exploitable without authentication. This Metasploit module has been tested successfully on D-Link firmware DIR645A1_FW103B11. Other firmwares such as the DIR865LA1_FW101b06 and DIR845LA1_FW100b20 are also vulnerable.

# 0day.today @ http://0day.today/