This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: Stack Buffer Overflow in HTTP Header Handler. **Consequence**: Remote Code Execution (RCE). Attackers can take full control of the device via malicious Host headers.
Q2 Root Cause? (CWE/Flaw)
**Root Cause**: **CWE-121** (Stack-based Buffer Overflow). The component fails to properly validate the length of the **Host** parameter in HTTP requests, causing memory corruption.
Q3 Who is affected? (Versions/Components)
**Affected**: **Mercury** (China). **Product**: KM08-708H GiGA WiFi Wave2. **Version**: Specifically **1.1.14**. Check your router firmware version immediately!
Q4 What can hackers do? (Privileges/Data)
**Privileges**: **Remote** & **Unauthenticated**. **Impact**: **High** (CVSS 3.1). Full access to Confidentiality, Integrity, and Availability. Hackers can execute arbitrary code on your network.
Q5 Is exploitation threshold high? (Auth/Config)
**Threshold**: **LOW**. **Network**: Attack vector is **Network** (AV:N). **Auth**: **None** required (PR:N). No login needed to trigger the exploit. Extremely dangerous!
Q6 Is there a public exploit? (PoC/Wild Exploitation)
**Exploit Status**: **Yes**. **Evidence**: References include a PDF labeled as **exploit** and third-party advisories (VDB-323827). PoCs or technical descriptions are likely circulating.
Q7 How to self-check? (Features/Scanning)
**Self-Check**: Scan for **HTTP Host Header** anomalies. **Tools**: Use fuzzing tools to send oversized Host headers to port 80/443. Check if the router crashes or returns error codes indicative of overflow.
Q8 Is it fixed officially? (Patch/Mitigation)
**Fix Status**: **Unknown/Not Listed**. **Warning**: The provided data shows **no official patch** or vendor advisory link confirming a fix. Assume it is **UNPATCHED** until verified.
Q9 What if no patch? (Workaround)
**Workaround**: **Block External Access**: Disable WAN access to the router's admin interface. **Filter Headers**: If possible, use a firewall to drop malformed HTTP Host headers. Isolate the device on a VLAN.
Q10 Is it urgent? (Priority Suggestion)
**Urgency**: **CRITICAL**. **Priority**: **P1**. With **CVSS 9.8** (implied by H/I/H) and **No Auth** required, this is a high-risk RCE. Patch immediately or disconnect from the internet!