CVE-2023-1875: 
PHP vulnerability analysis and mitigation

CVE-2023-1875 is a stack-based buffer overflow vulnerability discovered in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. The vulnerability was identified while researching the Levelone WBR-6013 router (Talos Intelligence).

The vulnerability exists in the formFilter API of the boa web server, specifically in the handling of the ip6addr parameter. When processing this parameter, no size validation is performed before copying the value into the ip6Addr struct member of the ipEntry stack variable, leading to a potential buffer overflow condition. The vulnerability was assigned a CVSSv3 score of 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) (Talos Intelligence).

A successful exploitation of this vulnerability could lead to arbitrary code execution on affected systems. The vulnerability affects the Realtek rtl819x Jungle SDK v3.4.11 and devices using this SDK, such as the LevelOne WBR-6013 router with firmware version RER4Av3411b2T2RLEV09170623 (Talos Intelligence).

Realtek has provided updated software to their customers to address this vulnerability. However, LevelOne has declined to patch the issues in their software. Users of affected devices should consider implementing network-level protections to restrict access to the device's web interface (Talos Intelligence).