Linksys E1700 Stack-Based Buffer Overflow Vulnerability in setSysAdm Function

A stack-based buffer overflow vulnerability has been identified in the Linksys E1700 router running firmware version 1.0.0.4.003. The issue arises in the setSysAdm function, where the rm_port parameter is not properly validated, allowing remote attackers to overwrite the stack and potentially execute arbitrary code. This vulnerability can lead to a denial-of-service condition, causing the router to crash and disrupt normal operations.

Impact

Exploitation of this vulnerability causes the router to crash, leading to a persistent denial-of-service condition where the device fails to function correctly or provide services.

Reproduction

To reproduce this vulnerability, send a POST request to the /goform/setSysAdm endpoint. Include the rm_port parameter with a payload that is excessively long, which will cause the router to crash. The request should be made with authorization as an admin user.