CVE-2025-5503
TOTOLINK · X15
A stack-based buffer overflow in the TOTOLINK X15 router's `formMapReboot` function allows remote code execution via the `deviceMacAddr` argument.
Executive summary
A critical stack-based buffer overflow in the TOTOLINK X15 router allows remote attackers to execute arbitrary code by manipulating the `deviceMacAddr` argument.
Vulnerability
The vulnerability resides in the `formMapReboot` function, which fails to adequately validate the length of the `deviceMacAddr` argument. This flaw allows a remote attacker to trigger a stack-based buffer overflow, potentially resulting in remote code execution.
Business impact
With a CVSS score of 8.8, this vulnerability poses a severe threat to network security. An attacker who successfully exploits this flaw can gain unauthorized control over the router, enabling eavesdropping on network traffic, redirecting user connections, or compromising other devices on the internal network.
Remediation
Immediate Action: Check the manufacturer's support site for available firmware updates and apply them immediately to address this stack-based overflow.
Proactive Monitoring: Inspect router logs for anomalous input in reboot or configuration requests and monitor for unexpected outbound traffic from the router management interface.
Compensating Controls: If a patch is unavailable, restrict access to the router management interface to trusted internal IP addresses and disable remote administration.
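One way to implement the log check from the Proactive Monitoring item, as an added example (not vendor or advisory code): it assumes the form-encoded bodies of requests to the management interface have been captured, for example by a proxy or IDS, and flags any `deviceMacAddr` value that is not a plain MAC address. The record layout, the source addresses and the `submit` field are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

PARAM = "deviceMacAddr"   # parameter named in the advisory
MAX_MAC_LEN = 17          # longest legitimate form: AA:BB:CC:DD:EE:FF

# Six hex octets with a consistent ':' or '-' separator, or 12 bare hex digits.
MAC_RE = re.compile(
    r"[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}"
    r"|[0-9A-Fa-f]{12}"
)


def check_body(body):
    """Return reasons the deviceMacAddr field(s) in a form body look anomalous."""
    findings = []
    # parse_qsl URL-decodes values, so %3A-encoded separators are handled.
    pairs = parse_qsl(body, keep_blank_values=True, errors="replace")
    values = [v for k, v in pairs if k == PARAM]
    if len(values) > 1:
        findings.append("duplicate parameter")
    for value in values:
        if len(value) > MAX_MAC_LEN:
            findings.append(f"overlong value ({len(value)} chars)")
        elif not MAC_RE.fullmatch(value):
            findings.append("not a MAC address")
    return findings


def scan(records):
    """records: iterable of (source, body). Return (source, findings) for hits."""
    return [(src, f) for src, body in records if (f := check_body(body))]


# Constructed sample records: (source address, captured request body).
SAMPLE = [
    ("192.0.2.10", "deviceMacAddr=AA%3ABB%3ACC%3ADD%3AEE%3AFF&submit=1"),
    ("192.0.2.11", "deviceMacAddr=" + "A" * 300),
    ("192.0.2.12", "deviceMacAddr=zz:zz:zz:zz:zz:zz"),
    ("192.0.2.13", "other=1"),
]

if __name__ == "__main__":
    for source, findings in scan(SAMPLE):
        print(source, "; ".join(findings))
```

Any hit on a device that has not been patched is worth correlating with the unexpected outbound traffic mentioned in the same item.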
Exploitation status
Public Exploit Available: true
Analyst recommendation
The combination of a stack-based buffer overflow and the availability of a public exploit makes this a critical issue. Administrators must apply available firmware updates immediately or isolate the device from the internet to prevent exploitation.