Planet FW-WGS-804HPT Stack Overflow Vulnerability in web_aaa_loginAuthlistEdit Function

Vulnerability

A stack overflow vulnerability has been identified in the Planet FW-WGS-804HPT Ethernet switch, specifically in version 1.305b241111. The issue arises in the web_aaa_loginAuthlistEdit function, where the authName parameter is improperly handled, leading to a buffer overflow. This vulnerability allows control flow hijacking by overflowing the stack and overwriting return addresses.

Impact

Exploitation of this vulnerability causes a stack overflow, allowing attackers to overwrite the return address and hijack the control flow of the application. This could potentially lead to arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending a POST request to dispatcher.cgi with a crafted authName parameter. The value of authName should be a long string of characters, sufficient to overflow the stack buffer. This can be done using a tool like QEMU to emulate the router environment and simulate the request.
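For detection, the request shape described above (a POST to dispatcher.cgi carrying an unusually long authName) can be flagged at a proxy or in request logs. The following is an added example, not code from the advisory or the vendor; the length limit, the /cgi-bin/ path prefix and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: the page does not give the buffer size, so this limit is a
# placeholder; set it to the longest list name your deployment really uses.
MAX_AUTHNAME_LEN = 64
TARGET_PATH = "dispatcher.cgi"


def oversized_authname(method, url, body, limit=MAX_AUTHNAME_LEN):
    """Return the longest decoded authName length if it exceeds limit, else None."""
    parts = urlsplit(url)
    if method.upper() != "POST" or not parts.path.endswith(TARGET_PATH):
        return None
    # Check both the query string and the form body. parse_qs keeps every
    # value of a repeated parameter and percent-decodes before we measure.
    lengths = []
    for raw in (parts.query, body):
        fields = parse_qs(raw, keep_blank_values=True)
        lengths += [len(value) for value in fields.get("authName", [])]
    longest = max(lengths, default=0)
    return longest if longest > limit else None


# Constructed sample requests (method, URL, form body); not captured traffic.
SAMPLES = [
    ("POST", "/cgi-bin/dispatcher.cgi", "authName=default"),
    ("POST", "/cgi-bin/dispatcher.cgi", "authName=" + "A" * 600),
    ("POST", "/cgi-bin/dispatcher.cgi", "authName=" + "%41" * 100),
    ("GET", "/cgi-bin/dispatcher.cgi?authName=" + "A" * 600, ""),
    ("POST", "/cgi-bin/other.cgi", "authName=" + "A" * 600),
]


def scan(samples=SAMPLES):
    """Return (index, length) for every sample that should raise an alert."""
    hits = []
    for index, (method, url, body) in enumerate(samples):
        length = oversized_authname(method, url, body)
        if length is not None:
            hits.append((index, length))
    return hits


if __name__ == "__main__":
    for index, length in scan():
        print(f"sample {index}: authName is {length} characters after decoding")
```

Only POST requests are matched because that is the method the page names; widen the method check if the management interface in your environment also accepts the parameter another way.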

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 6.1
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.