Skip to content

SeeNanshaneisurely/cve-2022-27255

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2022-27255 - Realtek eCos SDK SIP ALG buffer overflow

This repository contains the materials for the talk "Exploring the hidden attack surface of OEM IoT devices: pwning thousands of routers with a vulnerability in Realtek’s SDK for eCos OS.", which was presented at DEFCON30.

The contents of this repo include:

  • analysis: Automated firmware analysis to detect the presence of CVE-2022-27255 (Run analyse_firmware.py).
  • exploits_nexxt: PoC and exploit code. The PoC should work on every affected router, however the exploit code is specific for the Nexxt Nebula 300 Plus router.
  • ghidra_scripts: Vulnerable function call searching script and CVE-2022-27255 detection script.
  • DEFCON: Slide deck & poc video.

Acknowledgements

  • Octavio Gianatiempo (@ogianatiempo).
  • Octavio Galland (@GallandOctavio)
  • Javier Aguinaga (@pastaCLS)
  • Emilio Couto (@ekio_jp)

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 71.8%
  • C 27.1%
  • Other 1.1%