CVE-2023-24123

Vulnerability

A stack-based buffer overflow vulnerability exists in the wepauth parameter of the /goform/WifiBasicSet endpoint on Jensen of Scandinavia Eagle 1200AC routers running firmware version V15.03.06.33_en. The flaw allows an attacker to send a specially crafted HTTP request with an overly long wepauth value, causing a stack overflow in the router's web server code [1]. The vulnerability can be exploited without authentication, as the endpoint is exposed to the network.

Exploitation

An attacker who can reach the router's web interface (typically on port 80 or 443) can send a crafted POST request to /goform/WifiBasicSet with an excessively long wepauth parameter. No prior authentication is required, and no user interaction is needed. The overflow occurs when the parameter is copied into a fixed-size stack buffer without proper bounds checking [1].

Impact

Successful exploitation leads to a stack overflow, which corrupts the stack and likely causes the web server process to crash, resulting in a denial of service (DoS) condition for the router's management interface. Depending on the implementation, the overflow might also allow for arbitrary code execution, though this is not confirmed in the available references. The impact is primarily service disruption, as the router's administrative functionality becomes unavailable [1].

Mitigation

As of the publication date (2023-03-01), no firmware patch or vendor advisory has been released to address this vulnerability. Users should monitor the vendor website for a firmware update. Restricting access to the web interface to trusted networks only (e.g., via firewall rules) can reduce the attack surface. The router is otherwise unpatched [1].