CVE-2023-24118

Vulnerability

The Jensen of Scandinavia Eagle 1200AC router, firmware version V15.03.06.33_en, contains a stack overflow vulnerability in the /goform/WifiBasicSet handler. The security parameter is copied into a fixed-size stack buffer without proper bounds checking, allowing an attacker to overwrite adjacent memory. [1]

Exploitation

An unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP POST request to the router's web interface with an overly long security parameter. No authentication or user interaction is required, and the vulnerability is reachable from the LAN or WAN if the web interface is exposed.

Impact

Successful exploitation results in stack-based buffer overflow, which can lead to arbitrary code execution in the context of the root user. This gives the attacker full control over the device, including the ability to modify configuration, intercept traffic, or launch further attacks against internal networks. Denial of service is also possible.

Mitigation

As of the publication date (2023-03-01), no official fix has been released. Users should monitor the vendor's support page [1] for firmware updates. Until a patch is available, restrict access to the router's web interface to trusted networks only and disable remote administration if not required.