UTT 进取 520W Buffer Overflow Vulnerability in FormPictureUrl Function
Vulnerability
A buffer overflow vulnerability has been identified in the UTT 进取 520W router, specifically in the firmware version 1.7.7-180627. The issue arises in the '/goform/formPictureUrl' endpoint, where the 'importpictureurl' parameter is processed by the 'strcpy' function without proper bounds checking. This oversight allows for remote exploitation, leading to a buffer overflow condition. The vulnerability has been publicly disclosed, and an exploit is available.
Impact
Exploitation of this vulnerability causes a buffer overflow, which can commonly lead to arbitrary code execution or a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by sending a POST request to the '/goform/formPictureUrl' endpoint. The request must include the 'importpictureurl' parameter, which should be populated with a payload designed to overflow the buffer. This can be done by exceeding the expected length of the input, taking advantage of the lack of proper input validation.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.