CVE-2023-24127

Vulnerability

The Jensen Eagle 1200AC router running firmware version V15.03.06.33_en [1] contains a stack-based buffer overflow vulnerability in the /goform/WifiBasicSet handler. The wepkey1 parameter is copied into a fixed-size stack buffer without proper bounds checking, enabling an attacker to overflow the buffer and overwrite adjacent memory.

Exploitation

An attacker with network access to the router's web management interface can send a crafted HTTP POST request to /goform/WifiBasicSet with an overly long wepkey1 parameter. Authentication is likely required to access the form, but once authenticated, the overflow can be triggered remotely. No user interaction beyond authenticating is needed.

Impact

Successful exploitation of the stack overflow can lead to denial of service (crash of the web server) or potentially arbitrary code execution in the context of the device. Given the nature of embedded routers, code execution could allow an attacker to gain full control of the device, leading to network compromise.

Mitigation

As of the publication date, no firmware update or patch has been released by the vendor [1]. Users are advised to restrict access to the router's management interface to trusted networks only, disable remote management if not needed, and monitor for future security updates.