CVE-2014-125122

Name of the Vulnerable Software and Affected Versions Linksys WRT120N wireless routers (affected versions not specified)

Description A stack-based buffer overflow exists in the tmUnblock.cgi endpoint of Linksys WRT120N wireless routers. The issue occurs when processing the TM Block URL parameter. Exploitation may allow a remote attacker to gain unauthorized access to the web management interface by sending a specially crafted POST request. Specifically, a remote, unauthenticated attacker can overwrite memory in a controlled manner, allowing them to temporarily reset the device’s administrator password to a blank value, enabling unauthorized access to the router’s web administration interface without valid credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.