Dbit N300 T1 Pro Wireless Router Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in the Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router, running firmware version 1.0.0. The issue arises in the boa web server URI handler, where an attacker can send a high volume of HTTP GET requests to non-existent URIs. This flood of requests exhausts critical system resources, such as file descriptors and memory buffers, leading to a kernel deadlock or system hang. As a result, the web management portal becomes unresponsive, and all routing capabilities are disabled.

Impact

Exploitation of this vulnerability causes a complete loss of the web management interface and disrupts all routing functions, leading to network downtime for connected devices. The router requires a manual reboot to restore normal operation.

Reproduction

The vulnerability can be reproduced by sending a large number of HTTP GET requests to non-existent URIs on the router's web server. This can be done using a script that automates the process, such as one written in Python that uses the requests library to flood the server with requests. The router's web interface will become unresponsive, and all routing capabilities will be disrupted, causing network downtime for connected devices.

Remediation

To address this vulnerability, it is recommended to implement connection rate limiting on the boa web server, add a watchdog timer to recover from deadlock states, and limit the maximum number of concurrent connections per IP address.