CVE-2023-1312: 
PHP vulnerability analysis and mitigation

A vulnerability was identified in D-Link DAP-1325 routers, tracked as CVE-2023-1312. The vulnerability affects the handling of XML data provided to the HNAP1 SOAP endpoint and was publicly disclosed on September 7, 2023. The issue impacts network-adjacent installations of D-Link DAP-1325 routers (ZDI Advisory).

The vulnerability stems from improper validation of user-supplied data length before copying it to a fixed-length stack-based buffer. This stack-based buffer overflow vulnerability received a CVSS score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating its high severity. Authentication is not required to exploit this vulnerability (ZDI Advisory).

An attacker can leverage this vulnerability to execute arbitrary code in the context of root on affected D-Link DAP-1325 routers. The vulnerability allows for complete compromise of the affected system with high impacts on confidentiality, integrity, and availability (ZDI Advisory).

D-Link has released an update to address this vulnerability. Users are advised to apply the security update available through the D-Link support portal (ZDI Advisory).

The vulnerability was initially reported to the vendor on September 28, 2022, by Dmitry "InfoSecDJ" Janushkevich of Trend Micro Zero Day Initiative. After coordinated disclosure procedures, the advisory was publicly released on September 7, 2023 (ZDI Advisory).