Stack overflow in Realtek 8710 WPA2 key parsing leads to remote code execution
Ameba SDK (, 7.1d), fixed in 7.1d
A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the
AES_UnWRAP function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.
No PoC is supplied for this issue
No vulnerability mitigations are supplied for this issue