RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process.
The vulnerability results from unsafe use of the sprintf() function when logging invalid HTTP requests. An attacker sends a specially crafted HTTP request with an appropriately constructed URI, causing a stack-based buffer overflow. As a result, it is possible to overwrite the function's return address and take control of the program's execution flow. Exploitation occurs in the context of the web server process.
An attacker can execute arbitrary code (RCE) in the context of the web server process without any authentication. In practice, this can lead to complete takeover of the system running the vulnerable application.
Apply patches available from the vendor according to the references. It is recommended to check the availability of a newer version of the application at the vendor's address and restrict network access to the vulnerable HTTP server using a firewall to trusted IP addresses.
RabidHamster R4 version 1.25
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X