| Titel | Belkin F9K1122 1.00.33 Stack-based Buffer Overflow |
|---|
| Beschreibung | We found an stack overflow vulnerability in Belkin router with firmware which was released recently, allows remote attackers to crash the server.In the router's formWlanMP function, ateFunc、ateGain、ateTxCount、ateChan、ateRate、ateMacID、e2pTxPower1、e2pTxPower2、e2pTxPower3、e2pTxPower4、e2pTxPower5、e2pTxPower6、e2pTxPower7、e2pTx2Power1、e2pTx2Power2、e2pTx2Power3、e2pTx2Power4、e2pTx2Power5、e2pTx2Power6、e2pTx2Power7、ateTxFreqOffset、ateMode、ateBW、ateAntenna、e2pTxFreqOffset、e2pTxPwDeltaB、e2pTxPwDeltaG、e2pTxPwDeltaMix、e2pTxPwDeltaN、readE2P is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the ateFunc、ateGain、ateTxCount、ateChan、ateRate、ateMacID、e2pTxPower1、e2pTxPower2、e2pTxPower3、e2pTxPower4、e2pTxPower5、e2pTxPower6、e2pTxPower7、e2pTx2Power1、e2pTx2Power2、e2pTx2Power3、e2pTx2Power4、e2pTx2Power5、e2pTx2Power6、e2pTx2Power7、ateTxFreqOffset、ateMode、ateBW、ateAntenna、e2pTxFreqOffset、e2pTxPwDeltaB、e2pTxPwDeltaG、e2pTxPwDeltaMix、e2pTxPwDeltaN、readE2P to execute arbitrary code. |
|---|
| Quelle | ⚠️ https://github.com/wudipjq/my_vuln/blob/main/Belkin/vuln_11/11.md |
|---|
| Benutzer | pjqwudi (UID 85106) |
|---|
| Einreichung | 25.06.2025 10:36 (vor 10 Monaten) |
|---|
| Moderieren | 05.07.2025 17:25 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 315006 [Belkin F9K1122 1.00.33 webs /goform/formWlanMP Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|