CVE-2022-45720
Description
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in IP-COM M50 router's formIPMacBindModify function allows remote attackers to cause denial of service or potentially execute arbitrary code via crafted ip, mac, or remark parameters.
Vulnerability
The vulnerability resides in the formIPMacBindModify function of IP-COM M50 router firmware version V15.11.0.33(10768). The parameters ip, mac, and remark are passed directly to sprintf and placed on the stack without proper bounds checking, leading to a buffer overflow [1].
Exploitation
An attacker with network access to the router's management interface can send a crafted HTTP request containing an overly long value in the ip, mac, or remark parameter to trigger the overflow [1].
Impact
Successful exploitation overwrites the return address on the stack, potentially allowing an attacker to cause a denial of service or execute arbitrary code with the privileges of the affected process (likely root) [1].
Mitigation
As of the publication date (2022-12-23), no official patch has been released. Users should monitor IP-COM for firmware updates and restrict access to the management interface to trusted networks if possible [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- IP-COM/M50description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.