H3C Magic B0 Buffer Overflow Vulnerability in EditWlanMacList Function

A buffer overflow vulnerability has been identified in the H3C Magic B0 router model, affecting firmware versions up to 100R002. The vulnerability arises in the EditWlanMacList function within the /goform/aspForm file. This issue allows for remote exploitation by manipulating the 'param' argument, potentially leading to a denial-of-service condition or arbitrary code execution.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can lead to memory corruption. This type of vulnerability is commonly associated with allowing arbitrary code execution or causing a denial-of-service condition by crashing the device.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /goform/aspForm endpoint. The request must include the CMD parameter set to 'EditWlanMacList' and the 'param' field populated with a crafted payload that exceeds the buffer length, effectively causing a buffer overflow.