CVE-2021-21961

Vulnerability

A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34 [1]. The implementation copies the queried name to a local buffer of fixed size (32 bytes) without bounds checking, trusting the supplied length field. A specially-crafted NBNS packet with a large length value (up to 255 bytes) causes an overflow of the stack buffer.

Exploitation

An attacker can exploit this vulnerability by sending a malicious NBNS query over the network. No authentication is required (CVSS:3.0/AV:N/AC:L/PR:N). The attacker simply crafts a packet with an oversized length field and corresponding name data, leading to stack corruption and control of the program counter [1].

Impact

Successful exploitation grants an attacker remote code execution on the device. The CVSS score of 10.0 indicates high impact on confidentiality, integrity, and availability, with scope change [1]. The attacker gains full control over the SeaConnect 370W running firmware v1.3.34.

Mitigation

As of the reference publication date, no patch or workaround is available for this vulnerability [1]. The affected version is v1.3.34; users should monitor vendor updates for a fixed firmware release.