CVE-2023-24128

Vulnerability

A stack overflow vulnerability exists in the Jensen of Scandinavia Eagle 1200AC router running firmware version V15.03.06.33_en. The flaw is located in the /goform/WifiBasicSet handler, specifically through the wepkey2 parameter. When a crafted HTTP request with an overly long wepkey2 value is processed, it overflows the stack buffer [1].

Exploitation

An attacker can exploit this vulnerability by sending a specially crafted HTTP POST request to the router's web interface, targeting the /goform/WifiBasicSet endpoint with an excessively long wepkey2 parameter. No authentication is required if the web interface is exposed, but typically the attacker needs network access to the device. The overflow occurs during the parsing of the parameter, potentially overwriting critical stack data.

Impact

Successful exploitation could lead to arbitrary code execution on the device, allowing the attacker to gain full control of the router. Alternatively, it may cause a denial of service (DoS) by crashing the web server. The impact is high as the router is a network gateway, compromising all connected devices.

Mitigation

As of the publication date (2023-03-01), no official patch or firmware update has been released by Jensen of Scandinavia to address this vulnerability. Users are advised to restrict access to the router's web interface to trusted networks only, and monitor for future firmware updates. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of this writing.