[原文]Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.
A remote overflow exists in several D-Link Routers. These routers fail to handle some M-SEARCH UPnP requests resulting in a stack overflow. With a specially crafted UPnP request, an attacker can execute arbitrary code resulting in a loss of integrity.
Vendor D-Link has released updates for all affected routers and they are available for download on their website.