Part 3/7:
Just like any code, WAPD can have vulnerabilities, and the researcher who wrote the blog post discovered a classic buffer overflow. When the code receives data from the network, it casts the packet buffer to a structure and then uses the length from that structure to perform a memcpy, effectively giving an attacker control over the memory copy.
The in-depth write-up by the researcher goes into compiling WAPD for different platforms and increasing the security of the exploit at each step, ultimately leading to a successful attack on the Netgear WAX 206, a Wi-Fi 6 wireless access point.
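The bug class described above, shown next to a bounds-checked form. This is an added example, not code from WAPD or from the researcher's write-up; the header layout, the 64-byte destination size and all names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define VALUE_MAX 64  /* assumed size of the destination buffer */

/* Hypothetical wire header; not the real WAPD layout. */
struct __attribute__((packed)) msg_hdr {
    uint8_t  type;
    uint16_t len;     /* payload length claimed by the sender (host byte order assumed) */
};

struct parsed_msg {
    uint8_t type;
    size_t  len;
    uint8_t value[VALUE_MAX];
};

/* Pattern described above: the copy size comes straight from the packet. */
int parse_unchecked(const uint8_t *pkt, size_t pkt_len, struct parsed_msg *out)
{
    const struct msg_hdr *h = (const struct msg_hdr *)pkt;
    (void)pkt_len;                    /* received size is never consulted */
    out->type = h->type;
    out->len  = h->len;
    memcpy(out->value, pkt + sizeof(*h), h->len);  /* overflows if len > VALUE_MAX */
    return 0;
}

/* Hardened form: check the claimed length against the bytes actually
 * received and against the destination before copying anything. */
int parse_checked(const uint8_t *pkt, size_t pkt_len, struct parsed_msg *out)
{
    struct msg_hdr h;
    if (pkt_len < sizeof(h))
        return -1;                    /* truncated header */
    memcpy(&h, pkt, sizeof(h));       /* copy out instead of casting: no unaligned read */
    if (h.len > pkt_len - sizeof(h))
        return -2;                    /* claims more payload than was received */
    if (h.len > sizeof(out->value))
        return -3;                    /* would not fit in the destination */
    out->type = h.type;
    out->len  = h.len;
    memcpy(out->value, pkt + sizeof(h), h.len);
    return 0;
}
```

Rejecting the packet on each failed check, rather than clamping the length, keeps a malformed message from being partially processed.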