Tenda W18E Stack Overflow Vulnerability in WiFi SSID Parameter Allowing Denial-of-Service

A stack overflow vulnerability has been identified in the Tenda W18E v2.0 router, specifically in the latest firmware version v16.01.0.11. The issue arises in the wifiSSID parameter at /goform/setModules, where improper handling of string data allows attackers to overwrite the stack buffer. This vulnerability can be exploited by sending a crafted POST request, causing a denial-of-service condition. Additionally, according to the original researcher, this stack overflow could lead to arbitrary code execution.

Impact

Exploitation of this vulnerability causes a stack overflow, leading to abnormal termination of the program and creating a denial-of-service condition. However, with a carefully crafted POST request, this vulnerability could also be leveraged for arbitrary code execution.

Reproduction

To reproduce this vulnerability, send a POST request to the /goform/setModules endpoint with a large payload in the wifiSSID field. The request must include a valid session cookie to bypass authentication.