Buffer Overflow vulnerability in Skyworth Router
Description
This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user-supplied input for the Set Upstream Channel ID (UCID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system.
Successful exploitation of this vulnerability could allow the attacker to perform a Denial of Service (DoS) attack on the targeted system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Insufficient validation of the UCID parameter in Skyworth Router CM5100 4.1.1.24 allows a remote attacker to cause a denial of service via crafted input.
Vulnerability
The vulnerability exists in the Skyworth Router CM5100 with firmware version 4.1.1.24. The web interface fails to properly validate user-supplied input for the Set Upstream Channel ID (UCID) parameter. This insufficient validation allows a remote attacker to supply specially crafted input to the parameter, triggering a denial of service condition [1].
Exploitation
An attacker must have network access to the web interface of the targeted router. No authentication is required as the vulnerable parameter is accessible without prior login. The attacker sends a crafted HTTP request to the UCID parameter with malicious input, which the router processes without proper sanitization, leading to a crash or hang of the device [1].
Impact
Successful exploitation results in a denial of service (DoS) condition, rendering the router unavailable for legitimate network traffic. This can disrupt internet connectivity for all devices connected to the affected router. The attacker does not gain code execution or data access; the impact is limited to availability [1].
Mitigation
As of the publication date (2024-01-17), no official fix or firmware update has been released by Skyworth for the CM5100 version 4.1.1.24. Users are advised to monitor the vendor's support channels for a patch. In the absence of a fix, restricting access to the web interface to trusted IPs only or disabling remote management may reduce exposure [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Range: =4.1.1.24
- Hathway/Skyworth Router CM5100v5, Range: 0
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.