CVE-2018-10996

https://notcve.org/view.php?id=CVE-2018-10996

The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. La función weblogin_log en /htdocs/cgibin en dispositivos D-Link DIR-629-B1 permite que los atacantes ejecuten código arbitrario o provoquen una denegación de servicio (desbordamiento de búfer) mediante una petición session.cgi?ACTION=logout relacionada con una variable de entorno REMOTE_ADDR larga. • http://www.securityfocus.com/bid/104277 https://github.com/kgsdy/D-Link-DIR-629/blob/master/D-Link-DIR-629-B1.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •