Analysis of Stack Overflow Vulnerability in Netgear R8300

Vulnerability Description: There is a stack overflow vulnerability in the sub_25E04 function of the upnpd file. The length is not checked before the strcpy call, which causes an overflow and allows a ROP attack to achieve command execution.

Version: 1.0.2.134

Vulnerability Analysis and Reproduction

1. Firmware Simulation

Using qemu system simulation. qemu startup:

qemu-system-arm -M vexpress-a9 -kernel vmlinuz-3.2.0-4-vexpress …