Tenda W18E Stack Overflow Vulnerability in WiFi Password Parameter Allowing Denial-of-Service

A stack overflow vulnerability has been identified in the Tenda W18E router, specifically in version 2.0, firmware v16.01.0.11. The issue arises in the 'wifiPwd' parameter of the '/goform/setModules' endpoint. This vulnerability allows authenticated attackers to send crafted POST requests that overflow the stack buffer, potentially leading to arbitrary code execution.

Impact

Exploitation of this vulnerability causes a stack overflow, which can disrupt normal program operation, leading to a denial-of-service condition. Additionally, according to the author, this vulnerability could be exploited to execute arbitrary code.

Reproduction

To reproduce this vulnerability, send a POST request to the '/goform/setModules' endpoint. Include a large amount of junk data in the 'wifiPwd' field. This can be done using a web browser or a tool like curl, but the request must be made with an active session cookie that includes the session ID.