Linksys Vulnerability

Overview

Vendor: Linksys

Affected Products:
- RE6500
- RE6250
- RE6300
- RE6350
- RE7000
- RE9000

Affected Versions:
- RE6500 (1.0.013.001)
- RE6250 (1.0.04.001)
- RE6300 (1.2.07.001)
- RE6350 (1.0.04.001)
- RE7000 (1.1.05.003)
- RE9000 (1.0.04.002)

Vulnerability Type: Stack Overflow

Author: Jiaqian Peng
Contact: pengjiaqian@iie.ac.cn
Institution: Institute of Information Engineering, Chinese Academy of Sciences (IIE, CAS)

Vulnerability Description

Stack Overflow Description: A stack overflow vulnerability was found in the binary in the function . The function uses the parameter passed directly by the attacker. If the input is too long, it causes a stack overflow, allowing remote attackers to crash the server or execute arbitrary code.

Exploitation

Unchecked Input: The parameter is not length-checked and is copied directly into a local variable on the stack, which overflows the buffer.

Code Snippet:

PoC:

Result: The target router crashes and cannot provide services correctly and persistently.

Recommendations

Input Validation: Validate the length of the string where the input is extracted, before it is copied into a fixed-size buffer, to avoid such issues.
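The input-validation recommendation above, as an added example; this is not the vendor's firmware code or code from the original advisory. It assumes a form-encoded request body, and the parameter name `field`, the 64-byte buffer size and all function names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_MAX 64  /* assumed size of the destination stack buffer */
enum { PARAM_OK = 0, PARAM_MISSING = -1, PARAM_TOO_LONG = -2 };

/* Hypothetical helper: find "name=value" in a form-encoded body and copy
 * the value into out only if it fits, terminator included. */
int get_param_checked(const char *body, const char *name,
                      char *out, size_t outsz)
{
    size_t nlen = strlen(name);
    const char *p = body;

    if (outsz == 0)
        return PARAM_TOO_LONG;
    out[0] = '\0';
    while (*p) {
        const char *end = strchr(p, '&');
        size_t flen = end ? (size_t)(end - p) : strlen(p);
        if (flen > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            size_t vlen = flen - nlen - 1;
            if (vlen >= outsz)          /* reject; never truncate silently */
                return PARAM_TOO_LONG;
            memcpy(out, p + nlen + 1, vlen);
            out[vlen] = '\0';
            return PARAM_OK;
        }
        if (!end)
            break;
        p = end + 1;
    }
    return PARAM_MISSING;
}

/* Handler sketch: the stack buffer is written only through the checked helper. */
int handle_request(const char *body)
{
    char field[FIELD_MAX];              /* fixed-size local on the stack */
    int rc = get_param_checked(body, "field", field, sizeof field);
    if (rc != PARAM_OK)
        return rc;                      /* caller answers with an error */
    return (int)strlen(field);          /* stand-in for the real work */
}

/* Constructed over-long input: a 200-byte value for the 64-byte buffer. */
int demo_overlong(void)
{
    char body[256] = "field=";          /* rest of the array is zero-filled */
    memset(body + 6, 'A', 200);
    return handle_request(body);
}
```

Rejecting the request instead of truncating keeps the handler from acting on a partial value and gives a distinct error that can be logged.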