DIGISOL DG-BR4000NG - Buffer Overflow (PoC)

vendor:

DG-BR4000NG Wireless Router

by:

Adipta Basu

9.8

CVSS

CRITICAL

Buffer Overflow

120

CWE

Product Name: DG-BR4000NG Wireless Router

Affected Version From: DIGISOL DG-BR4000NG Wireless Router

Affected Version To: DIGISOL DG-BR4000NG Wireless Router

Patch Exists: YES

Related CWE: CVE-2018-12706

CPE: h:digisol:dg-br4000ng_wireless_router

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Mac OS High Sierra

2018

DIGISOL DG-BR4000NG – Buffer Overflow (PoC)

A buffer overflow vulnerability exists in the DIGISOL DG-BR4000NG Wireless Router. An attacker can exploit this vulnerability by sending a crafted request with a string of 500 ì0îs after the Authorization Basic string to the router's web interface. This will cause the router to restart and the web interface to become faulty.

Mitigation:

Users should update their router to the latest version to mitigate this vulnerability.

Source

Exploit-DB raw data:

# Exploit Title: DIGISOL DG-BR4000NG - Buffer Overflow (PoC)
# Date 2018-06-24
# Vendor Homepage† http://www.digisol.com
# Hardware Link httpswww.amazon.inDigisol-DG-BR4000NG-Wireless-Broadband-802-11ndpB00A19EHYK
# Version: DIGISOL DG-BR4000NG Wireless Router
# Category Hardware
# Exploit Author Adipta Basu
# Tested on Mac OS High Sierra
# CVE CVE-2018-12706

# Reproduction Steps

- Goto your Wifi Router Gateway [i.e http192.168.2.1]
- Go to -- General Setup -- Wireless -- Basic Settings
- Open BurpSuite
- Reload the Page
- Burp will capture the intercepts.
- Add a string of 500 ì0îs after the Authorization Basic string
- The router will restart.
- Refresh the page, and the whole web interface will be faulty.