cbcvebase.
CVE-2018-12706
published 2018-06-24

CVE-2018-12706: DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.

PriorityP265critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
10.04%
95.0th percentile
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.

Detection & IOCsextracted from sources · hover to see the quote

otherAuthorization: Basic <500 x '0'>
  • Monitor HTTP requests to router admin interface for abnormally long Authorization HTTP headers (e.g., 500+ characters after 'Basic '), which is the trigger condition for the buffer overflow on DIGISOL DG-BR4000NG devices.
  • Look for HTTP requests targeting the router gateway (e.g., 192.168.2.1) with an oversized Authorization Basic header value, particularly on paths related to wireless basic settings.
  • Unexpected router restarts or a faulty/unresponsive web interface following HTTP requests with large Authorization headers may indicate exploitation of this buffer overflow.
  • ·The PoC was tested on Mac OS High Sierra using BurpSuite as an HTTP proxy to intercept and modify requests; reproduction requires LAN/WiFi access to the target device's admin interface.
  • ·The vulnerability is specific to the DIGISOL DG-BR4000NG Wireless Router hardware; detection rules should be scoped to this device model to avoid false positives.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.