Users of Linksys EA7500 routers are facing a severe security threat due to a recently discovered vulnerability affecting all firmware versions, including the latest Ver.3.0.1.207964. This flaw, identified as CVE-2023-46012, allows attackers with network adjacency to execute arbitrary code on the device without authentication, posing a significant risk to network security.
The vulnerability stems from the handling of HTTP request data by the Internet Gateway Device (IGD) Universal Plug and Play (UPnP) service of the routers. Specifically, the flaw occurs during the processing of a SOAP UPnP Action Request, where the router fails to properly validate the length of user-supplied data before copying it to a fixed-length stack buffer.
This oversight can be exploited by crafting a malicious HTTP request with an oversized string variable, triggering a buffer overflow. Consequently, an attacker can overwrite critical memory areas, potentially gaining control over the device’s execution flow and executing unauthorized code with root privileges.
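The missing check described above, next to a bounded version, as an added example (not Linksys firmware code, which this page does not show). The 64-byte buffer, the function names and the `NewExampleArg` argument are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define ARG_BUF_SIZE 64  /* assumed size of the handler's fixed stack buffer */

/* Find the text between <tag> and </tag>; NULL if absent or unterminated. */
const char *soap_arg(const char *body, const char *tag, size_t *len)
{
    char open[48], close[48];
    if (strlen(tag) > sizeof open - 4) return NULL;
    snprintf(open, sizeof open, "<%s>", tag);
    snprintf(close, sizeof close, "</%s>", tag);
    const char *start = strstr(body, open);
    if (!start) return NULL;
    start += strlen(open);
    const char *end = strstr(start, close);
    if (!end) return NULL;
    *len = (size_t)(end - start);
    return start;
}

/* Flawed pattern, for contrast only and never called: len comes from the request. */
void copy_arg_unchecked(char *dst, const char *val, size_t len)
{
    memcpy(dst, val, len);   /* nothing compares len with the size of dst */
    dst[len] = '\0';         /* out of bounds once len >= that size */
}

/* Hardened pattern: refuse anything that does not fit, terminator included. */
int copy_arg_checked(char *dst, size_t dst_size, const char *val, size_t len)
{
    if (len >= dst_size) return -1;
    memcpy(dst, val, len);
    dst[len] = '\0';
    return 0;
}

/* Returns the stored length, or -1 so the caller can reject the request. */
int handle_action(const char *body, const char *tag)
{
    char value[ARG_BUF_SIZE];
    size_t len;
    const char *v = soap_arg(body, tag, &len);
    if (!v || copy_arg_checked(value, sizeof value, v, len) != 0) return -1;
    return (int)strlen(value);
}

int main(void)
{   /* Constructed request fragment; the argument name is made up. */
    printf("%d\n", handle_action("<NewExampleArg>lan-host</NewExampleArg>", "NewExampleArg"));
}
```

Rejecting the oversized value, rather than truncating it, keeps the handler from acting on data the client did not actually send.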
To mitigate this risk, users are strongly advised to monitor the Linksys support page for firmware updates addressing this vulnerability. Timely application of security patches is crucial to safeguard against potential exploits and protect network infrastructure from unauthorized access.