Try   HackMD

ip-com-15

vendor:IP-COM

product:M50

version:V15.11.0.33(10768)

type:Buffer Overflow

author:Yifeng Li, Wolin Zhuang;

Vulnerability description

We found an buffer overflow vulnerability in IP-COM Technology IP-COM’s M50 routers with firmware which was released recently, allows control “ip” , "mac" or "remark" to attack it.

Buffer Overflow vulnerability

In formIPMacBindModify function, the parameter “ip” , "mac" and "remark" is directly sprintf, placed on the stack, which overrides the return address of the function, causing buffer overflow.

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

PoC

Buffer Overflow

We set the value of “ip” , "mac" or "remark" as aaaaaaaaaaaaaaaaaaaaaaaaa…… and the router will cause buffer overflow.

Last changed by 
Wolin Zhuang
0
3369
Published on HackMD