CVE-2022-45707
Description
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in IP-COM M50 router firmware V15.11.0.33(10768) via the 'rules' parameter in formAddDnsHijack allows remote code execution or denial of service.
Vulnerability
A buffer overflow vulnerability exists in the formAddDnsHijack function of IP-COM M50 routers running firmware version V15.11.0.33(10768). The function copies the user-supplied rules parameter directly into a stack-based buffer using strcpy without bounds checking, leading to a stack overflow. This occurs in the web management interface's DNS hijack configuration functionality. [1]
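The bounded copy that the strcpy call described above lacks, as an added example (not IP-COM's code and not taken from the cited reference). The 256-byte buffer size, the function names and the HTTP-style status codes are assumptions, since the page gives none of them.

```c
#include <stddef.h>
#include <string.h>

/* Assumed size: the page does not state the real stack buffer size. */
#define RULES_BUF_SIZE 256

enum rules_status { RULES_OK = 0, RULES_MISSING = -1, RULES_TOO_LONG = -2 };

/* Unsafe pattern described in the text, kept as a comment only:
 *     char buf[RULES_BUF_SIZE];
 *     strcpy(buf, rules);      // length of `rules` is set by the client
 */

/* Copy `rules` into dst only if it fits, terminator included.
 * Oversized input is rejected rather than truncated: a silently
 * shortened rule list would be stored as a different rule set. */
enum rules_status copy_rules_checked(char *dst, size_t dst_size, const char *rules)
{
    size_t len = 0;

    if (dst == NULL || dst_size == 0)
        return RULES_MISSING;
    dst[0] = '\0';                    /* dst is always a valid string */
    if (rules == NULL)
        return RULES_MISSING;
    /* Measure at most dst_size bytes so the scan itself is bounded. */
    while (len < dst_size && rules[len] != '\0')
        len++;
    if (len == dst_size)              /* no room left for the terminator */
        return RULES_TOO_LONG;
    memcpy(dst, rules, len + 1);
    return RULES_OK;
}

/* Hypothetical handler shape standing in for the form handler.
 * Returns an HTTP-style status and reports how many bytes were accepted. */
int handle_add_dns_hijack(const char *rules_param, size_t *accepted_len)
{
    char rules[RULES_BUF_SIZE];
    enum rules_status st = copy_rules_checked(rules, sizeof rules, rules_param);

    *accepted_len = (st == RULES_OK) ? strlen(rules) : 0;
    /* Rule parsing is left out: the page does not describe the format. */
    return (st == RULES_OK) ? 200 : 400;
}
```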
Exploitation
An attacker with network access to the router's management interface can send a crafted HTTP POST request to the vulnerable endpoint with an overly long rules parameter. The overflow overwrites the function's return address, allowing control of execution flow. The available references do not explicitly state that authentication is required, but the endpoint is typically part of the authenticated web interface. [1]
Impact
Successful exploitation can cause a denial of service by crashing the device, or potentially allow arbitrary code execution with root privileges, as the router firmware runs with elevated permissions. The attacker gains full control over the affected device. [1]
Mitigation
As of the publication date (2022-12-23), no firmware update or patch has been released by IP-COM to address this vulnerability. Users should restrict access to the management interface to trusted networks only and monitor for future firmware updates. If the device is no longer supported, consider replacing it. [1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- IP-COM/M50 (description)
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.