Vulnerability Details CVE-2020-8962
A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.023
EPSS Ranking 83.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-8962
-
cpe:2.3:h:dlink:dir-842:c
-
cpe:2.3:o:dlink:dir-842_firmware:3.13b09