TOTOLINK A3002R Buffer Overflow Vulnerability in formMapDelDevice Endpoint Allowing Denial-of-Service

A buffer overflow vulnerability has been identified in the TOTOLINK A3002R router, specifically in version 4.0.0-B20230531.1404. The issue arises in the Boa web server when the hostname parameter is processed by the formMapDelDevice endpoint. This vulnerability can be exploited by sending crafted input, leading to a denial-of-service condition where the device becomes unresponsive.

Impact

Exploitation of this vulnerability causes the Boa web server to crash, making the web interface inaccessible. This denial-of-service condition can be particularly disruptive, as it requires manual intervention to restore normal functionality.

Reproduction

The vulnerability can be reproduced by sending a POST request to the 'multi_ap_popup_client_details.htm' URL with an excessive amount of data in the 'hostname' parameter. This can be done by modifying the input field using developer tools to bypass any client-side validation. Once the crafted request is sent, the Boa web server will crash, demonstrating the buffer overflow vulnerability.