CVE-2015-2052

critical

Published 2015-02-23 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings action to the HNAP interface.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10051

References

http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10051
http://www.securityfocus.com/bid/72623
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10051
http://www.securityfocus.com/bid/72623

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.