https://sternumiot.com/iot-blog/mini-smart-plug-v2-vulnerability-buffer-overflow
In this post, we wanted to provide a behind-the-scenes look at our work and talk about our latest discovery—a buffer overflow vulnerability (CVE-2023-27217) in a Wemo Mini Smart Plug V2 (model F7C063) device…
This will be a long post, so as a public service, here are the key points:
Wemo Mini Smart Plug V2 is a popular consumer device that helps users remote-control electric devices.
The device is managed by a mobile application that allows its user to change the device name (a.k.a. ‘FriendlyName’).
The name length is limited to 30 characters or less, but this rule is only enforced by the app itself.
Through reverse engineering, we saw that circumventing the character limit resulted in a buffer overflow.
Through experimentation, we learned that we could obtain a measure of control and predictability over how the overflow occurred.
Leveraging these findings, we were able to demonstrate how the vulnerability can be used for command injection.
We reached out to Belkin (the device manufacturer) with our findings. However, the company informed us that the device is at the end of its life and will not be patched. Meanwhile, it’s safe to assume that many of these devices are still deployed in the wild.
Following the company’s response, we reached out to MITRE and informed them of the vulnerability, leading to them issuing CVE-2023-27217.
We recommend that device users take some precautions, specifically limiting the device’s exposure to the Internet and internal/sensitive networks…
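The key points above say the 30-character ‘FriendlyName’ limit is enforced only by the app. As an added example (not Belkin's firmware code and not from the original post), this C sketch shows a device-side length check next to the unchecked copy pattern; the struct layout and function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FRIENDLY_NAME_MAX 30   /* the limit the post says the app enforces */

/* Hypothetical config record; 'adjacent' stands in for neighbouring data. */
struct device_cfg {
    char friendly_name[FRIENDLY_NAME_MAX + 1];
    char adjacent[16];
};

/* Unsafe pattern (shown for contrast, never called here): the copy length
 * is decided by the sender, so it only holds if every client behaves. */
void set_friendly_name_unchecked(struct device_cfg *cfg, const char *name)
{
    strcpy(cfg->friendly_name, name);
}

/* Device-side check: name_len is the length as received in the request.
 * Returns 0 on success, -1 on rejection; cfg is left untouched on rejection.
 * Over-long names are rejected, not truncated, so the stored value never
 * differs silently from what the client sent. */
int set_friendly_name(struct device_cfg *cfg, const char *name, size_t name_len)
{
    if (cfg == NULL || name == NULL)
        return -1;
    if (name_len > FRIENDLY_NAME_MAX)
        return -1;
    if (memchr(name, '\0', name_len) != NULL)   /* embedded NUL: length mismatch */
        return -1;
    memcpy(cfg->friendly_name, name, name_len);
    cfg->friendly_name[name_len] = '\0';
    return 0;
}

int main(void)
{
    struct device_cfg cfg = {0};
    char long_name[64];                          /* constructed test input */
    memset(long_name, 'A', sizeof long_name);

    printf("30 chars: %d\n", set_friendly_name(&cfg, long_name, 30));
    printf("64 chars: %d\n", set_friendly_name(&cfg, long_name, sizeof long_name));
    return 0;
}
```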