UTT 进取 512W Buffer Overflow Vulnerability in FTP Server Share Directory Selection
Vulnerability
A buffer overflow vulnerability has been identified in the UTT 进取 512W router, specifically in the firmware version 1.7.7-171114. The issue arises in the FTP server share directory selection function, where the 'oldfilename' parameter is manipulated, leading to a buffer overflow. This vulnerability can be exploited remotely, causing potential buffer overflow attacks and denial-of-service conditions.
Impact
Exploitation of this vulnerability leads to a buffer overflow, which can commonly result in arbitrary code execution or causing the device to crash, creating a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by sending a POST request to the '/goform/formFtpServerShareDirSelcet' endpoint. The request must include a carefully crafted 'oldfilename' parameter that exceeds the buffer size, exploiting the lack of boundary checks in the 'strcpy' function. This can be done using a web browser or a tool like curl, with the appropriate headers and authorization.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.