VDB
CVE-2006-3687
CVE-2006-3687
PUBLISHED
CVSS 7.5 HIGH
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.
EPSS 20.83% · 95.7th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
20.83%
95.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| d-link | wbr-1310_wireless_g_router | |
| d-link | di-604_broadband_router | |
| d-link | di-784 | |
| d-link | wbr-2310_rangebooster_g_router | |
| n/a | n/a | n/a |
| dlink | di-624 | |
| dlink | di-524 | |
| d-link | ebr-2310_ethernet_broadband_router |
Timeline
- Jul 17, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 20060717 [EEYEB-20060227] D-Link Router UPNP Stack Overflow mailing-list
- 20060717 [EEYEB-20060227] D-Link Router UPNP Stack Overflow mailing-list
- 20060722 RE: [EEYEB-20060227] D-Link Router UPNP Stack Overflow mailing-list
- http://www.eeye.com/html/research/advisories/AD20060714.html url
- 21081 third-party-advisory
- 27333 vdb
- ADV-2006-2829 vdb
- VU#971705 third-party-advisory
- 19006 vdb
- 1016511 vdb
- dlink-upnp-bo(27755) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2006-3687 advisory