Broadcom WiFi Chipset Drivers are prone to multiple heap-based buffer-overflow vulnerabilities.

Attackers may exploit these issues to execute arbitrary code within the context of the affected application. Failed exploits may result in denial-of-service conditions.

Information

Bugtraq ID: 108013

Class: Boundary Condition Error

CVE: CVE-2019-9501
CVE-2019-9502

Remote: Yes

Local: No

Published: Apr 17 2019 12:00AM

Updated: Apr 17 2019 12:00AM

Credit: Hugues Anguelkov

Vulnerable: Synology Router Manager 1.2
Broadcom Wifi Driver 0
Broadcom BCM4352 6.30.223.0
Broadcom BCM43236 6.37.14.105

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.