CVE-2023-24133

Vulnerability

A stack overflow vulnerability exists in the wepkey_5g parameter handled by the /goform/WifiBasicSet form in Jensen of Scandinavia Eagle 1200AC router firmware version V15.03.06.33_en [1]. The flaw is triggered when an overly long WEP key is supplied for the 5 GHz interface, overflowing a stack buffer in the web management interface of the device.

Exploitation

An attacker must be on the same local network as the affected router or have access to its web management interface (typically at the default gateway address) to send a crafted HTTP POST request to the /goform/WifiBasicSet endpoint with an excessively long value for the wepkey_5g parameter. No authentication is required if the management interface is exposed to the LAN or WAN, though by default it is typically only LAN-accessible [1].

Impact

Successful exploitation causes a stack overflow, which can lead to a denial of service (device crash/reboot) or potentially arbitrary code execution at the kernel or system level on the router, compromising all network traffic passing through it. The full impact may include complete compromise of the router's control over connected devices (CVE-2023-24133) [1].

Mitigation

No official patch or firmware update has been released by the vendor (Jensen of Scandinavia) as of the publication date (2023-03-01) [1]. Users should disable remote administration, restrict management access to trusted hosts, and isolate the router from untrusted networks. If available, consider replacing the device if no vendor fix is provided.