TOTOLINK A3002RU Stack-Based Buffer Overflow Vulnerability in IPv6 Setup Function

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the TOTOLINK A3002RU router, specifically in version V3.0.0-B20220304.1804. The issue arises in the device's boa web server interface, where user input is not properly validated. This vulnerability allows authenticated attackers to send specially crafted requests that trigger the buffer overflow, potentially leading to arbitrary code execution or causing a denial-of-service condition.

Impact

Successful exploitation overflows a stack buffer in the boa web server, which may allow arbitrary code execution or cause a denial-of-service condition on the device.

Reproduction

To reproduce this vulnerability, send a request to the 'formIpv6Setup' endpoint of the boa service interface on a TOTOLINK A3002RU router running V3.0.0-B20220304.1804. Include the 'static_ipv6' parameter with a specially crafted value that exceeds the buffer size. Because the input is not properly validated, the oversized value overflows the stack buffer.
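The missing check, as an added example (not code from the TOTOLINK firmware or from this advisory): a handler-side routine that bounds and validates a 'static_ipv6' value before copying it into a fixed-size buffer. The function name copy_static_ipv6 and the buffer sizes are assumptions.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical helper; names and sizes are assumptions, not firmware code.
 * Longest textual IPv6 address (45 chars) plus the terminating NUL. */
#define IPV6_TEXT_MAX INET6_ADDRSTRLEN

/* Validate a "static_ipv6" form value, then copy it into dst.
 * Returns 0 on success; -1 if the value is missing, too long for dst,
 * or not a well-formed IPv6 address. dst is left empty on failure. */
int copy_static_ipv6(char *dst, size_t dst_len, const char *value)
{
    struct in6_addr parsed;
    const char *end;
    size_t len;

    if (dst == NULL || dst_len == 0)
        return -1;
    dst[0] = '\0';
    if (value == NULL)
        return -1;

    /* Bounded scan: never walk more than IPV6_TEXT_MAX bytes of input. */
    end = memchr(value, '\0', IPV6_TEXT_MAX);
    if (end == NULL)
        return -1;                      /* longer than any valid address */
    len = (size_t)(end - value);
    if (len == 0 || len >= dst_len)
        return -1;                      /* empty, or would not fit with NUL */

    /* Format check: only a parseable IPv6 address is accepted. */
    if (inet_pton(AF_INET6, value, &parsed) != 1)
        return -1;

    memcpy(dst, value, len + 1);        /* length already proven to fit */
    return 0;
}

int main(void)
{
    char addr[IPV6_TEXT_MAX];
    char oversized[512];                /* constructed sample input */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    printf("valid:     %d\n", copy_static_ipv6(addr, sizeof addr, "2001:db8::1"));
    printf("oversized: %d\n", copy_static_ipv6(addr, sizeof addr, oversized));
    printf("malformed: %d\n", copy_static_ipv6(addr, sizeof addr, "not-an-address"));
    return 0;
}
```

Rejecting the value before any copy keeps the length decision independent of the caller's buffer layout, and the inet_pton check also drops inputs that fit but are not addresses.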

Added: Feb 17, 2026, 7:41 PM
Updated: Feb 17, 2026, 7:41 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 7.5
exploitability: 4.3
remediation: 0.0
relevance: 2.9
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.