Description
Belkin Bulldog Plus version 4.0.2 build 1219 contains a stack-based buffer overflow vulnerability in its web service authentication handler. When a specially crafted HTTP request is sent with an oversized Authorization header, the application fails to properly validate the input length before copying it into a fixed-size buffer, resulting in memory corruption and potential remote code execution. Exploitation requires network access and does not require prior authentication.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
High
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- Belkin International, Inc. / Bulldog Plus UPS Monitoring Software0 – 4.0.2 build 1219
References
- EXPLOIThttps://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/belkin_bulldog.rb
- EXPLOIThttps://www.exploit-db.com/exploits/8173
- MISChttps://www.fortiguard.com/encyclopedia/ips/17325/belkin-bulldog-plus-web-services-buffer-overflow
- MISChttps://s3.belkin.com/support/dl/bulldogwindows.pdf
- VENDOR_ADVISORYhttps://www.vulncheck.com/advisories/belkin-bulldog-plus-web-service-buffer-overflow