Full Report
A Buffer Overflow exploited through web interface by remote attacker cause denial of service.
Analysis Summary
# Vulnerability: Kraftway-24F2XG Router Buffer Overflow Leading to DoS
## CVE Details
- CVE ID: CVE-2018-15354
- CVSS Score: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (High)
- CWE: Buffer Overflow (Implied by description)
## Affected Systems
- Products: Kraftway-24F2XG Router
- Versions: Firmware version 3.5.30.1118
- Configurations: N/A (Exploitation occurs via the web interface)
## Vulnerability Description
A remote attacker can exploit a Buffer Overflow vulnerability present in the web interface of the affected router. Successful exploitation allows the attacker to disrupt the device's normal operation, resulting in a Denial of Service (DoS).
## Exploitation
- Status: Unknown (Existence of exploit unknown at time of advisory)
- Complexity: Low (Attack complexity is Low, as no user interaction is required)
- Attack Vector: Network (AV:N)
## Impact
- Confidentiality: No Impact (C:N)
- Integrity: No Impact (I:N)
- Availability: High Impact (A:H)
## Remediation
### Patches
- Update firmware to version **3.5.47-315-gef7** or higher.
### Workarounds
- No specific workarounds detailed in the advisory other than patching. (Network segmentation or restricting web interface access might serve as implicit mitigation).
## Detection
- Indicators of Compromise (IOCs) were not detailed in the advisory.
- Detection methods would involve monitoring network traffic directed at the router's web interface for abnormally large or malformed inputs that might trigger the buffer overflow condition.
## References
- Vendor Advisory: KLCERT-18-010
- NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-15354
- Kaspersky Advisory: ics-cert[.]kaspersky[.]com/advisories/2018/08/17/klcert-18-010-kraftway-24f2xg-router-denial-of-service/