EFM ipTIME NAS1dual Stack-Based Buffer Overflow Vulnerability

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the EFM ipTIME NAS1dual product, version 1.5.24. The issue is in the 'get_csrf_whites' function of the '/cgi/advanced/misc_main.cgi' file. The function does not validate the length of the 'csrf_whites' configuration value, so an over-long value overwrites adjacent stack memory. The vulnerability can be exploited remotely.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, causing the application to crash.

Reproduction

The vulnerability can be reproduced by first modifying the 'csrf_whites' configuration item to include a string longer than 1024 bytes. After setting this value, send a POST request to '/cgi/advanced/misc_main.cgi'. The server crashes while handling the request, indicating that the stack overflow has occurred.
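
Mitigation sketch (an added example, not the vendor's code and not taken from the firmware): a length-checked copy of a configuration value into a fixed stack buffer, which is the check the description says 'get_csrf_whites' lacks. The 1024-byte size is an assumption taken from the reproduction threshold, and the names copy_cfg_value and load_csrf_whites are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumption: 1024 mirrors the length threshold in the reproduction text;
 * the firmware's real buffer size and code are not shown on the page. */
#define CSRF_WHITES_MAX 1024

enum cfg_status { CFG_OK = 0, CFG_MISSING = -1, CFG_TOO_LONG = -2 };

/* Hypothetical helper: copy a configuration value into a fixed-size buffer.
 * Over-length input is rejected, not truncated, because a truncated
 * whitelist entry could match a different host than the one configured. */
enum cfg_status copy_cfg_value(const char *value, char *out, size_t out_sz)
{
    if (value == NULL || out == NULL || out_sz == 0)
        return CFG_MISSING;

    /* Bounded scan: never reads more than out_sz bytes of the input. */
    const char *nul = memchr(value, '\0', out_sz);
    if (nul == NULL) {            /* no terminator within the buffer size */
        out[0] = '\0';
        return CFG_TOO_LONG;
    }
    size_t len = (size_t)(nul - value);
    memcpy(out, value, len + 1);  /* len + 1 <= out_sz, includes the NUL */
    return CFG_OK;
}

/* Hypothetical caller shaped like a CGI handler with a stack buffer. */
enum cfg_status load_csrf_whites(const char *cfg_value, size_t *len_out)
{
    char whites[CSRF_WHITES_MAX];
    enum cfg_status st = copy_cfg_value(cfg_value, whites, sizeof whites);
    if (len_out != NULL)
        *len_out = (st == CFG_OK) ? strlen(whites) : 0;
    return st;
}

int main(void)
{
    char big[2000];               /* constructed over-length sample value */
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("over-length value: %d\n", load_csrf_whites(big, NULL));
    printf("normal value: %d\n", load_csrf_whites("example.com", NULL));
    return 0;
}
```

The handler should treat CFG_TOO_LONG as a configuration error and refuse the value when it is written as well as when it is read.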

Added: May 5, 2026, 2:18 PM
Updated: May 5, 2026, 2:18 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 3.1
exploitability: 9.1
remediation: 0.0
relevance: 7.5
threat: 6.4
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.