Primary

Context

Tenda AC8V4 Stack-Based Buffer Overflow Vulnerability in WifiGuestSet

Vulnerability

Patched

A stack-based buffer overflow vulnerability has been identified in the Tenda AC8V4 router, specifically in version V16.03.34.06. The issue arises in the WifiGuestSet form handler, where the shareSpeed parameter can be manipulated. This parameter lacks a length restriction, allowing excessively long strings to be copied to the stack using the strcpy function, ultimately causing a stack overflow.

Impact

Exploitation of this vulnerability leads to a stack overflow, which can commonly result in arbitrary code execution or causing the device to crash.

Reproduction

The vulnerability can be reproduced by sending a POST request to the /goform/WifiGuestSet endpoint with the shareSpeed parameter. The value of this parameter should be a string long enough to exceed the buffer limit, such as 2000 bytes of repeated 'A' characters.

Added: Jul 24, 2025, 5:54 PM

Updated: Jul 24, 2025, 5:54 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

9.1

remediation

7.7

relevance

0.3

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

9.1

remediation

7.7

relevance

0.3

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC8V4 Stack-Based Buffer Overflow Vulnerability in WifiGuestSet

Vulnerability

Impact

Reproduction

Affected Products

Tenda AC8V4

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating