TOTOLINK X15 Buffer Overflow Vulnerability in HTTP POST Request Handler
Vulnerability
A critical buffer overflow vulnerability has been identified in the TOTOLINK X15 router, specifically in version 1.0.0-B20230714.1105. The issue arises in the HTTP POST request handler for the route '/boafrm/formMultiAPVLAN', where the 'submit-url' argument can be manipulated to cause a buffer overflow. This vulnerability can be exploited remotely, potentially leading to a denial-of-service condition by sending a malicious HTTP POST request.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can commonly lead to arbitrary code execution or a denial-of-service condition. In this case, the vulnerability has been reported to cause a denial-of-service.
Reproduction
The vulnerability can be reproduced by sending an HTTP POST request to the '/boafrm/formMultiAPVLAN' endpoint. The request must include a 'submit-url' parameter that is crafted to overflow the buffer, exceeding the expected length and potentially overwriting adjacent memory.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.