Edimax EW-7438RPn Stack-Based Buffer Overflow Vulnerability Allowing Remote Code Execution

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the Edimax EW-7438RPn range extender, version 1.31. The flaw is in the 'formRadius' function of the '/goform/formRadius' file and is triggered by manipulating the 'submit-url' argument. It can be exploited remotely, crashing the device and potentially allowing arbitrary code execution.

Impact

Exploitation of this vulnerability causes the device to crash, disrupting its normal functioning. Because the flaw is a stack-based buffer overflow, it could also be leveraged to execute arbitrary code, potentially leading to more severe consequences.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/goform/formRadius' with a 'submit-url' parameter that contains a payload designed to overflow the stack. This can be done using a web browser or a tool like curl, ensuring that the 'Content-Type' is set to 'application/x-www-form-urlencoded'. The request should include authorization credentials if required by the device.
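For defenders, the request shape described above can be matched in proxy or capture data in front of the device. The following is an added detection example, not code from the advisory or from Edimax; the function name, the 128-character threshold, the sample requests and the 192.0.2.10 address are assumptions constructed for illustration.

```python
from urllib.parse import parse_qs

TARGET_PATH = "/goform/formRadius"  # endpoint named in the advisory
PARAM = "submit-url"                # parameter named in the advisory
MAX_LEN = 128                       # assumption: a redirect target is a short path


def inspect_request(raw: bytes, max_len: int = MAX_LEN) -> list:
    """Return findings for one raw HTTP request (empty list if nothing matches)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    try:
        method, target, _ = head.split(b"\r\n")[0].decode("latin-1").split(" ", 2)
    except ValueError:
        return ["malformed request line"]
    if method != "POST" or target.split("?", 1)[0] != TARGET_PATH:
        return []
    # latin-1 keeps a 1:1 byte-to-character mapping, so lengths are byte lengths
    fields = parse_qs(body.decode("latin-1"), keep_blank_values=True,
                      encoding="latin-1")
    findings = []
    for value in fields.get(PARAM, []):
        if len(value) > max_len:
            findings.append(f"{PARAM} length {len(value)} exceeds {max_len}")
        if any(ord(c) < 0x20 or ord(c) > 0x7E for c in value):
            findings.append(f"{PARAM} contains non-printable bytes")
    return findings


# Constructed sample requests (not captured traffic)
_HEAD = (b"POST /goform/formRadius HTTP/1.1\r\nHost: 192.0.2.10\r\n"
         b"Content-Type: application/x-www-form-urlencoded\r\n\r\n")
BENIGN = _HEAD + b"submit-url=%2Findex.asp"
OVERSIZED = _HEAD + b"submit-url=" + b"x" * 600
OTHER = b"GET /index.asp HTTP/1.1\r\nHost: 192.0.2.10\r\n\r\n"

if __name__ == "__main__":
    for name, req in [("benign", BENIGN), ("oversized", OVERSIZED), ("other", OTHER)]:
        print(name, inspect_request(req))
```

Tune the threshold to the longest 'submit-url' value seen in legitimate use of the device's web interface.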

Added: May 26, 2026, 7:42 PM
Updated: May 26, 2026, 7:42 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 8.2
remediation: 0.0
relevance: 9.4
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.