# ip-com-1
vendor:IP-COM
product:M50
version:V15.11.0.33(10768)
type:Buffer Overflow
author:Yifeng Li, Wolin Zhuang;
## Vulnerability description
We found an buffer overflow vulnerability in IP-COM Technology IP-COM’s M50 routers with firmware which was released recently, allows control the pEnable, pLevel or pModule to attack it.
## Buffer Overflow vulnerability
In formSetDebugCfg function, the parameter “pEnable”,"pLevel"and "pModule" is directly sprintf to a local variable placed on the stack, which overrides the return address of the function, causing buffer overflow, and so on, we also can control the pEnable, pLevel or pModule to attack it.
![](https://i.imgur.com/ivIkNZN.png)
## PoC
### Buffer Overflow
We set the value of “pEnable”,"pLevel" or "pModule" as aaaaaaaaaaaaaaaaaaaaaaaaa…… and the router will cause buffer overflow.