Stack-based Buffer Overflow in confsrv set_mf_rule Functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14

Stack-based Buffer Overflow in confsrv set_mf_rule Functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14

CVE-2022-23918 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability leverages the ethAddr field within the protobuf message to cause a buffer overflow.

Learn more about our Network Penetration Testing.