Linksys RE6250, RE6300, RE6350, RE6500, RE7000, RE9000 Stack-Based Buffer Overflow Vulnerability

A stack-based buffer overflow vulnerability has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 routers, all running specific firmware versions. The vulnerability arises in the 'ipRangeBlockManageRule' function within the '/goform/ipRangeBlockManageRule' file. Attackers can exploit this vulnerability by manipulating the 'ipRangeBlockRuleName', 'scheduleIp', and 'ipRangeBlockRuleIpAddr' parameters, leading to a stack overflow that could potentially allow arbitrary code execution. The issue can be exploited remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability causes the router to crash, disrupting its normal service and causing a persistent denial of service.

Reproduction

To reproduce this vulnerability, send a POST request to '/goform/ipRangeBlockManageRule' with an excessively long 'ipRangeBlockRuleName' parameter. The router will crash and fail to provide services correctly.