Tenda AX12 Stack Overflow Vulnerability in SetNetControlList Function

A stack overflow vulnerability has been identified in the Tenda AX12 V1.0 router, specifically in the firmware version V22.03.01.46_CN. The vulnerability arises in the SetNetControlList function, which fails to properly validate the length of the data being sent in the request. This oversight allows an attacker to send a post request with an excessive amount of junk data, causing a denial-of-service condition by crashing the router.

Impact

Exploitation of this vulnerability leads to a segmentation fault, causing the router to crash and potentially creating a denial-of-service condition.

Reproduction

To reproduce this vulnerability, access the SetNetControlList interface after authorization. Send a post request with the list field populated with a large amount of junk data, exceeding 256 bytes. This can be done using a script that automates the process, such as one written in Python that uses the requests library to send the crafted post request. The request must include the appropriate headers and cookies to simulate an authorized user.