CVE-2006-3687
Last modified
CVE-2006-3687 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.. EPSS estimates a 19.13% chance of exploitation in the next 30 days.
Description
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| D-Link | Di-604 Broadband Router | All versions |
| D-Link | Di-784 | All versions |
| D-Link | Ebr-2310 Ethernet Broadband Router | All versions |
| D-Link | Wbr-1310 Wireless G Router | All versions |
| D-Link | Wbr-2310 Rangebooster G Router | All versions |
| Dlink | Di-524 | All versions |
| Dlink | Di-624 | All versions |
References
- http://secunia.com/advisories/21081Vendor Advisory
- http://www.kb.cert.org/vuls/id/971705US Government Resource
- http://secunia.com/advisories/21081Vendor Advisory
- http://www.kb.cert.org/vuls/id/971705US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-3687?
How severe is CVE-2006-3687?
How do I fix CVE-2006-3687?
Are you affected by CVE-2006-3687?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST