TOTOLINK N300RH Buffer Overflow Vulnerability in HTTP POST Message Handler
Vulnerability
A critical buffer overflow vulnerability has been identified in the TOTOLINK N300RH router, specifically in the firmware version 6.1c.1390_B20191101. The issue arises in the HTTP POST Message Handler, within the file '/boafrm/formPortFw'. The vulnerability is triggered by manipulating the 'service_type' argument, leading to a stack overflow. This buffer overflow can be exploited remotely, potentially causing a denial-of-service condition by sending a malicious HTTP POST message.
Impact
Exploitation of this vulnerability causes a buffer overflow, leading to a stack overflow condition. This can be used to execute arbitrary code or cause a denial-of-service condition by crashing the device.
Reproduction
To reproduce this vulnerability, send an HTTP POST request to the '/boafrm/formPortFw' endpoint with a crafted 'service_type' argument that exceeds the buffer size. This will trigger the buffer overflow condition by overwriting the stack.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.