H3C Magic B0 Router Buffer Overflow Vulnerability in Edit_BasicSSID_5G Function

A buffer overflow vulnerability has been identified in the H3C Magic B0 router, affecting versions through 100R002. The issue arises in the Edit_BasicSSID_5G function within the /goform/aspForm file. The vulnerability can be exploited remotely by manipulating the 'param' argument, leading to potential memory corruption. Publicly available exploitation methods could be used to trigger this vulnerability.

Impact

Exploitation of this vulnerability can cause a crash of the web management service, leading to a denial-of-service condition. It may also cause the device to reboot or become unstable. Under certain conditions, this vulnerability could allow for remote code execution.

Reproduction

To reproduce this vulnerability, send a POST request to the /goform/aspForm endpoint. Include a 'param' value that is excessively long, which will trigger the buffer overflow in the Edit_BasicSSID_5G handler. This can be done using a web browser or a tool like curl, by specifying the long 'param' value in the request body.