Key Information Summary Vulnerability Overview Vendor: Linksys Products: RE5500, RE6250, RE6300, RE6350, RE7000, RE9000 Versions: - RE5500(1.0.13.001) - RE6250(1.0.4.001) - RE6300(1.0.7.001) - RE6350(1.0.4.001) - RE7000(1.0.5.003) - RE9000(1.0.4.002) Type: Stack Overflow Author: Jiajun Peng Email: pengjiajun@iie.ac.cn Institution: Institute of Information Engineering, Chinese Academy of Sciences Vulnerability Description Affected Scope: Multiple Linksys routers, particularly newer models such as RE5500. Details: A stack overflow vulnerability was discovered in the firmware of Linksys routers, allowing remote attackers to trigger it via the parameter, leading to server crash. Stack Overflow Details Function: Issue: The parameter lacks length validation and is directly passed to for storage. Excessively long data causes stack overflow, enabling attackers to control and execute arbitrary code. Additional Notes Recommendation: Input validation should include string content checks to prevent similar issues. PoC (Proof of Concept) Method: Set to to trigger abnormal router behavior. Result: Router crashes and fails to provide normal services. Analysis Results Debug Information: - Core file generated by . - Program terminated due to SIGSEGV signal, indicating a segmentation fault. - Register status shows abnormal and values.