Belkin F9K1015 Stack-Based Buffer Overflow Vulnerability

A stack-based buffer overflow vulnerability has been identified in the Belkin F9K1015 router, specifically in version 1.00.10. The issue arises in the 'formWlEncrypt' function within the '/goform/formWlEncrypt' file, where user-supplied input in the 'webpage' parameter is not properly validated before being copied to a stack-based buffer. This vulnerability can be exploited remotely, potentially leading to unauthorized code execution or a denial-of-service condition.

Impact

Exploitation of this vulnerability allows for a stack-based buffer overflow, which can be used to execute arbitrary code or cause a denial-of-service condition on the device.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/goform/formWlEncrypt' with a 'webpage' parameter that contains a payload designed to overflow the stack buffer. This can be done using a tool like Burp Suite or by writing a custom script that automates the process.