UTT HiPER 2620G Buffer Overflow Vulnerability in NTP Server IP Handling
Vulnerability
A critical buffer overflow vulnerability has been identified in the UTT HiPER 2620G router, affecting firmware versions through 3.1.4. The issue is in the handler for the '/goform/fNTP' endpoint, which copies the 'NTPServerIP' request parameter with the 'strcpy' function, so a manipulated value overflows the destination buffer. The vulnerability can be exploited remotely, potentially causing denial-of-service conditions and allowing arbitrary code execution.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can lead to arbitrary code execution on the affected device.
Reproduction
To reproduce this vulnerability, send a POST request to '/goform/fNTP' with the 'NTPServerIP' parameter containing a payload that exceeds the buffer's capacity. The 'SntpEnable' parameter must be set to 'on', and the 'NTPServerIP' parameter must not be empty. The request can be sent from a web browser or a tool like curl, and it must include the headers needed for authentication.
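The unchecked 'strcpy' pattern described above, next to a bounded replacement, as an added example in C; it is not code from the firmware or from the advisory. The buffer size NTP_SERVER_MAX, the function names and the character allow-list are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define NTP_SERVER_MAX 64  /* assumed capacity; the page does not give the real size */

/* Pattern the advisory describes (illustrative, not the firmware's code):
 *     char server[NTP_SERVER_MAX];
 *     strcpy(server, ntp_server_ip);   request data copied with no length check */

/* Allow only characters that occur in an IPv4/IPv6 literal or a hostname. */
static int ntp_char_ok(unsigned char c)
{
    return (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') ||
           (c >= 'A' && c <= 'Z') || c == '.' || c == '-' || c == ':';
}

/* Hypothetical hardened copy: 0 on success, -1 if the value is rejected.
 * On rejection dst is left as an empty string. */
int copy_ntp_server(char *dst, size_t dst_size, const char *src)
{
    size_t len;

    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;

    for (len = 0; src[len] != '\0'; len++) {
        /* stop as soon as the value cannot fit together with its NUL */
        if (len + 1 >= dst_size || !ntp_char_ok((unsigned char)src[len]))
            return -1;
    }
    if (len == 0)                       /* empty value */
        return -1;
    memcpy(dst, src, len + 1);          /* len + 1 <= dst_size, includes the NUL */
    return 0;
}

/* Hypothetical handler applying the same preconditions the advisory lists. */
int handle_fntp(const char *sntp_enable, const char *ntp_server_ip,
                char *server, size_t server_size)
{
    if (sntp_enable == NULL || strcmp(sntp_enable, "on") != 0)
        return -1;
    return copy_ntp_server(server, server_size, ntp_server_ip);
}
```

The length check runs before any byte is written, so an oversized 'NTPServerIP' value is rejected instead of being truncated or copied past the end of the buffer.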
