提出 #652387: MikroTik RouterOS 7 Memory Corruption情報

タイトル	MikroTik RouterOS 7 Memory Corruption
説明	Critical buffer overflow vulnerability in libjson.so JSON parser affecting RouterOS devices. The vulnerability exists in the parse_json_element function at address 0xf7ef6992, specifically in Unicode escape sequence processing logic. TECHNICAL DETAILS: - Function: parse_json_element (0xf7ef657b - 0xf7ef6fbb) - Root Cause: Insufficient length validation for \u Unicode escape sequences - Trigger: Malformed JSON with incomplete Unicode sequences like "\u0\0\\" - Impact: Infinite parsing loop leading to DoS/potential code execution EXPLOITATION: - Remote trigger via HTTP POST to /rest/ip/address/print endpoint - Malicious payload: {"0":"\u0\0\\"0 - Can bypass basic authentication - Immediate application crash, potential for code execution AFFECTED BINARY: - libjson.so (MD5: c6e0f91c84de5e261c7f2decbf51fad3) - SHA256: b6c00cb53461ed70610e53d11bb2c8a36868accbd55142a2ac5992c97fbe4cf4 The vulnerability occurs when the parser encounters \u followed by insufficient hex digits, causing state corruption in the string parsing loop and resulting in infinite iteration until memory exhaustion.
ソース	⚠️ https://github.com/a2ure123/libjson-unicode-buffer-overflow-poc
ユーザー	a2ure (UID 41072)
送信	2025年09月11日 04:51 (7 月 ago)
モデレーション	2025年09月25日 08:03 (14 days later)
ステータス	承諾済み
VulDBエントリ	325818 [MikroTik RouterOS 7 libjson.so /rest/ip/address/print parse_json_element メモリ破損]
ポイント	20

◂ 前概要次 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!