Tenda AX-1803 Stack Overflow Vulnerability Leading to Denial-of-Service

A stack overflow vulnerability has been identified in the Tenda AX-1803 router, specifically in version 1.0.0.1. The issue arises in the 'sub_4F55C' function, where the 'wanMTU' parameter is processed. The vulnerability allows attackers to cause a denial-of-service (DoS) condition by sending a crafted request with an excessively long 'wanMTU' value. This unbounded parameter length is copied to a target buffer using 'strcpy', leading to the overflow and subsequent crash of the router, disrupting its service.

Impact

Exploitation of this vulnerability causes the router to crash, leading to a persistent denial-of-service condition where the device cannot provide normal services.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/goform/AdvSetMacMtuWan' endpoint with a 'wanMTU' parameter that is excessively long, such as 1000 characters. This can be done using a script that automates the request, such as one written in Python using the 'requests' library.