TOTOLINK A702R Buffer Overflow Vulnerability in formParentControl Endpoint

A buffer overflow vulnerability has been identified in the TOTOLINK A702R router, specifically in firmware version 4.0.0-B20211108.1423. The vulnerability resides in the function sub_418030 of the file /boafrm/formParentControl. It is triggered by manipulating the submit-url argument, which can lead to a program crash. This vulnerability can be exploited remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can lead to arbitrary code execution or a denial-of-service condition, causing the device to crash.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /boafrm/formParentControl endpoint. The request must include a crafted submit-url parameter that exceeds the buffer size, causing a buffer overflow. This can be done using a web browser or a tool like curl, by specifying the appropriate headers and payload.